[Cake] host hashes and NAT neglected in src/dst-host mode

Jonathan Morton chromatix99 at gmail.com
Mon Jan 7 03:20:43 EST 2019


> On 7 Jan, 2019, at 6:00 am, <gamanakis at gmail.com> <gamanakis at gmail.com> wrote:
> 
> 633         if ((flow_override || !(flow_mode & CAKE_FLOW_FLOWS)) &&
> 634             (host_override || !(flow_mode & CAKE_FLOW_HOSTS)))
> 635                 goto skip_hash;

These lines require careful reading.

First, the "override" flags indicate whether an external filter has changed the flow or host hashes, meaning we should not then update them ourselves.

Secondly, the logic is "if we *don't* need the flow hash *and* we *don't* need the host hash, then skip the complicated hash code".

In the dual and triple modes, both the flow and host hashes are required, and bit-level examination of the codes used to identify them should reflect that.  In "flows" and "host" modes, only one or the other are needed, but they will still disable the above check (unless an external filter was used).

In short, only "flowblind" mode or the use of external filters are capable of skipping that block.

 - Jonathan Morton



More information about the Cake mailing list