diff options
| author | Cy Schubert <cy@FreeBSD.org> | 2018-08-19 13:44:59 +0000 |
|---|---|---|
| committer | Cy Schubert <cy@FreeBSD.org> | 2018-08-19 13:44:59 +0000 |
| commit | 58a290b9f49a6dc71495894b76a06a211ea8be4a (patch) | |
| tree | 2bbda3666672206f54da5063ec322361aeb4ef89 /sys/contrib/ipfilter/netinet/ip_nat.c | |
| parent | 1d6e9fe75ceb954e045efb8558a7f943161ba0f6 (diff) | |
| download | src-58a290b9f49a6dc71495894b76a06a211ea8be4a.tar.gz src-58a290b9f49a6dc71495894b76a06a211ea8be4a.zip | |
Add handy DTrace probes useful in diagnosing NAT issues. DTrace probes
are situated next to error counters and/or in one instance prior to the
-1 return from various functions. This was useful in diagnosis of
PR/208566 and will be handy in the future diagnosing NAT failures.
PR: 208566
MFC after: 3 days
Notes
Notes:
svn path=/head/; revision=338046
Diffstat (limited to 'sys/contrib/ipfilter/netinet/ip_nat.c')
| -rw-r--r-- | sys/contrib/ipfilter/netinet/ip_nat.c | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/sys/contrib/ipfilter/netinet/ip_nat.c b/sys/contrib/ipfilter/netinet/ip_nat.c index c95c2d0a66cf..815182607f8c 100644 --- a/sys/contrib/ipfilter/netinet/ip_nat.c +++ b/sys/contrib/ipfilter/netinet/ip_nat.c @@ -2676,6 +2676,7 @@ ipf_nat_newmap(fin, nat, ni) if ((np->in_nsrcmsk == 0xffffffff) && (np->in_spnext == 0)) { if (l > 0) { NBUMPSIDEX(1, ns_exhausted, ns_exhausted_1); + DT4(ns_exhausted_1, fr_info_t *, fin, nat_t *, nat, natinfo_t *, ni, ipnat_t *, np); return -1; } } @@ -2693,6 +2694,7 @@ ipf_nat_newmap(fin, nat, ni) if ((l >= np->in_ppip) || ((l > 0) && !(flags & IPN_TCPUDP))) { NBUMPSIDEX(1, ns_exhausted, ns_exhausted_2); + DT4(ns_exhausted_2, fr_info_t *, fin, nat_t *, nat, natinfo_t *, ni, ipnat_t *, np); return -1; } /* @@ -2728,6 +2730,7 @@ ipf_nat_newmap(fin, nat, ni) ipf_ifpaddr(softc, 4, FRI_NORMAL, fin->fin_ifp, &in6, NULL) == -1) { NBUMPSIDEX(1, ns_new_ifpaddr, ns_new_ifpaddr_1); + DT4(ns_new_ifpaddr_1, fr_info_t *, fin, nat_t *, nat, natinfo_t *, ni, ipnat_t *, np); return -1; } in.s_addr = ntohl(in6.in4.s_addr); @@ -2738,6 +2741,7 @@ ipf_nat_newmap(fin, nat, ni) */ if (l > 0) { NBUMPSIDEX(1, ns_exhausted, ns_exhausted_3); + DT4(ns_exhausted_3, fr_info_t *, fin, nat_t *, nat, natinfo_t *, ni, ipnat_t *, np); return -1; } in.s_addr = ntohl(fin->fin_saddr); @@ -2833,6 +2837,7 @@ ipf_nat_newmap(fin, nat, ni) (np->in_spnext != 0) && (st_port == np->in_spnext) && (np->in_snip != 0) && (st_ip == np->in_snip)) { NBUMPSIDED(1, ns_wrap); + DT4(ns_wrap, fr_info_t *, fin, nat_t *, nat, natinfo_t *, ni, ipnat_t *, np); return -1; } l++; @@ -2968,6 +2973,7 @@ ipf_nat_newrdr(fin, nat, ni) if (ipf_ifpaddr(softc, 4, FRI_NORMAL, fin->fin_ifp, &in6, NULL) == -1) { NBUMPSIDEX(0, ns_new_ifpaddr, ns_new_ifpaddr_2); + DT3(ns_new_ifpaddr_2, fr_info_t *, fin, nat_t *, nat, natinfo_t, ni); return -1; } in.s_addr = ntohl(in6.in4.s_addr); @@ -3114,6 +3120,7 @@ ipf_nat_add(fin, np, natsave, flags, direction) if (nsp->ns_active >= softn->ipf_nat_table_max) { NBUMPSIDED(fin->fin_out, ns_table_max); + DT2(ns_table_max, nat_stat_t *, nsp, ipf_nat_softc_t *, softn); return NULL; } @@ -3128,6 +3135,7 @@ ipf_nat_add(fin, np, natsave, flags, direction) /* Give me a new nat */ KMALLOC(nat, nat_t *); if (nat == NULL) { + DT(ns_memfail); NBUMPSIDED(fin->fin_out, ns_memfail); /* * Try to automatically tune the max # of entries in the @@ -3223,6 +3231,7 @@ ipf_nat_add(fin, np, natsave, flags, direction) if ((np->in_apr != NULL) && ((nat->nat_flags & NAT_SLAVE) == 0)) { if (ipf_proxy_new(fin, nat) == -1) { NBUMPSIDED(fin->fin_out, ns_appr_fail); + DT3(ns_appr_fail, fr_info_t *, fin, nat_t *, nat, ipnat_t *, np); goto badnat; } } @@ -3380,6 +3389,7 @@ ipf_nat_finalise(fin, nat) } NBUMPSIDED(fin->fin_out, ns_unfinalised); + DT2(ns_unfinalised, fr_info_t *, fin, nat_t *, nat); /* * nat_insert failed, so cleanup time... */ @@ -7065,6 +7075,7 @@ ipf_nat_newrewrite(fin, nat, nai) do { changed = -1; /* TRACE (l, src_search, dst_search, np) */ + DT4(ipf_nat_rewrite_1, int, l, int, src_search, int, dst_search, ipnat_t *, np); if ((src_search == 0) && (np->in_spnext == 0) && (dst_search == 0) && (np->in_dpnext == 0)) { @@ -7129,6 +7140,7 @@ ipf_nat_newrewrite(fin, nat, nai) * Find a new destination address */ /* TRACE (fin, np, l, frnat) */ + DT4(ipf_nat_rewrite_2, frinfo_t *, fin, ipnat_t *, np, int, l, frinfo_t *, &frnat); if (ipf_nat_nextaddr(fin, &np->in_ndst, &frnat.fin_daddr, &frnat.fin_daddr) == -1) @@ -7179,6 +7191,7 @@ ipf_nat_newrewrite(fin, nat, nai) } /* TRACE (frnat) */ + DT1(ipf_nat_rewrite_3, frinfo_t *, &frnat); /* * Here we do a lookup of the connection as seen from @@ -7218,6 +7231,7 @@ ipf_nat_newrewrite(fin, nat, nai) } /* TRACE natl, in_stepnext, l */ + DT3(ipf_nat_rewrite_2, nat_t *, natl, ipnat_t *, np , int, l); if ((natl != NULL) && (l > 8)) /* XXX 8 is arbitrary */ return -1; @@ -7310,6 +7324,7 @@ ipf_nat_newdivert(fin, nat, nai) if (natl != NULL) { NBUMPSIDED(fin->fin_out, ns_divert_exist); + DT3(ns_divert_exist, fr_info_t *, fin, nat_t *, nat, natinfo_t, nai); return -1; } @@ -7562,6 +7577,7 @@ ipf_nat_nextaddr(fin, na, old, dst) case FRI_PEERADDR : case FRI_NETWORK : default : + DT4(ns_na_atype, fr_info_t *, fin, nat_addr_t *, na, u_32_t *, old, u_32_t *, new); return -1; } @@ -7573,6 +7589,7 @@ ipf_nat_nextaddr(fin, na, old, dst) NULL); } else { NBUMPSIDE(fin->fin_out, ns_badnextaddr); + DT4(ns_badnextaddr_1, fr_info_t *, fin, nat_addr_t *, na, u_32_t *, old, u_32_t *, new); } } else if (na->na_atype == IPLT_NONE) { @@ -7591,6 +7608,7 @@ ipf_nat_nextaddr(fin, na, old, dst) if (ipf_ifpaddr(softc, 4, na->na_atype, fin->fin_ifp, &newip, NULL) == -1) { NBUMPSIDED(fin->fin_out, ns_ifpaddrfail); + DT4(ns_ifpaddrfail, fr_info_t *, fin, nat_addr_t *, na, u_32_t *, old, u_32_t *, new); return -1; } new = newip.in4.s_addr; @@ -7602,6 +7620,7 @@ ipf_nat_nextaddr(fin, na, old, dst) } else { NBUMPSIDE(fin->fin_out, ns_badnextaddr); + DT4(ns_badnextaddr_2, fr_info_t *, fin, nat_addr_t *, na, u_32_t *, old, u_32_t *, new); } return error; |