Skip to content

Commit

Permalink
Printfs for rules debugging
Browse files Browse the repository at this point in the history
re-uses ZT_TRACE to enable.
  • Loading branch information
laduke committed Feb 29, 2024
1 parent 0bf67bf commit bca650e
Showing 1 changed file with 42 additions and 1 deletion.
43 changes: 42 additions & 1 deletion node/Network.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -111,8 +111,18 @@ static _doZtFilterResult _doZtFilter(

rrl.clear();

// uncomment for easier debugging fprintf
// if (!ztDest) { return DOZTFILTER_ACCEPT; }
#ifdef ZT_TRACE
char buf[40], buf2[40];
fprintf(stderr, "\nsrc %s dest %s inbound: %d ethertype %u", ztSource.toString(buf), ztDest.toString(buf2), inbound, etherType);
#endif

for(unsigned int rn=0;rn<ruleCount;++rn) {
const ZT_VirtualNetworkRuleType rt = (ZT_VirtualNetworkRuleType)(rules[rn].t & 0x3f);
#ifdef ZT_TRACE
fprintf(stderr, "\n%02u %02d", rn, rt);
#endif

// First check if this is an ACTION
if ((unsigned int)rt <= (unsigned int)ZT_NETWORK_RULE_ACTION__MAX_ID) {
Expand All @@ -124,12 +134,21 @@ static _doZtFilterResult _doZtFilter(

case ZT_NETWORK_RULE_ACTION_DROP: {
if (!!skipDrop) {
#ifdef ZT_TRACE
fprintf(stderr, "\tskip Drop");
#endif
skipDrop = 0; continue;
}
#ifdef ZT_TRACE
fprintf(stderr, "\tDrop\n");
#endif
return DOZTFILTER_DROP;
}

case ZT_NETWORK_RULE_ACTION_ACCEPT: {
#ifdef ZT_TRACE
fprintf(stderr, "\tAccept\n");
#endif
return (superAccept ? DOZTFILTER_SUPER_ACCEPT : DOZTFILTER_ACCEPT); // match, accept packet
}

Expand Down Expand Up @@ -453,6 +472,14 @@ static _doZtFilterResult _doZtFilter(
const Tag *const localTag = std::lower_bound(&(nconf.tags[0]),&(nconf.tags[nconf.tagCount]),rules[rn].v.tag.id,Tag::IdComparePredicate());
if ((localTag != &(nconf.tags[nconf.tagCount]))&&(localTag->id() == rules[rn].v.tag.id)) {
const Tag *const remoteTag = ((membership) ? membership->getTag(nconf,rules[rn].v.tag.id) : (const Tag *)0);
#ifdef ZT_TRACE
fprintf(stderr, "\tlocal tag [%u: %u] remote tag [%u: %u] match [%u]",
!!localTag ? localTag->id() : 0,
!!localTag ? localTag->value() : 0,
!!remoteTag ? remoteTag->id() : 0,
!!remoteTag ? remoteTag->value() : 0,
thisRuleMatches);
#endif
if (remoteTag) {
const uint32_t ltv = localTag->value();
const uint32_t rtv = remoteTag->value();
Expand All @@ -473,6 +500,9 @@ static _doZtFilterResult _doZtFilter(
} else {
if ((inbound)&&(!superAccept)) {
thisRuleMatches = hardNo;
#ifdef ZT_TRACE
fprintf(stderr, "\tinbound ");
#endif
} else {
// Outbound side is not strict since if we have to match both tags and
// we are sending a first packet to a recipient, we probably do not know
Expand All @@ -481,6 +511,9 @@ static _doZtFilterResult _doZtFilter(
// not strict since we likely do not have these tags.
skipDrop = 1;
thisRuleMatches = hardYes;
#ifdef ZT_TRACE
fprintf(stderr, "\toutbound ");
#endif
}
}
} else {
Expand All @@ -489,8 +522,16 @@ static _doZtFilterResult _doZtFilter(
} break;
case ZT_NETWORK_RULE_MATCH_TAG_SENDER:
case ZT_NETWORK_RULE_MATCH_TAG_RECEIVER: {
const Tag *const remoteTag = ((membership) ? membership->getTag(nconf,rules[rn].v.tag.id) : (const Tag *)0);
const Tag *const localTag = std::lower_bound(&(nconf.tags[0]),&(nconf.tags[nconf.tagCount]),rules[rn].v.tag.id,Tag::IdComparePredicate());
#ifdef ZT_TRACE
const Tag *const remoteTag = ((membership) ? membership->getTag(nconf,rules[rn].v.tag.id) : (const Tag *)0);
fprintf(stderr, "\tlocal tag [%u: %u] remote tag [%u: %u] match [%u]",
!!localTag ? localTag->id() : 0,
!!localTag ? localTag->value() : 0,
!!remoteTag ? remoteTag->id() : 0,
!!remoteTag ? remoteTag->value() : 0,
thisRuleMatches);
#endif
if (superAccept) {
skipDrop = 1;
thisRuleMatches = hardYes;
Expand Down

0 comments on commit bca650e

Please sign in to comment.