2 net.c -- most of the network code
3 Copyright (C) 1998,1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>,
4 2000 Guus Sliepen <guus@sliepen.warande.net>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 $Id: net.c,v 1.35.4.33 2000/10/11 10:35:16 guus Exp $
25 #include <arpa/inet.h>
29 #include <netinet/in.h>
33 #include <sys/signal.h>
34 #include <sys/socket.h>
36 #include <sys/types.h>
/* Byte counters: xrecv() adds to total_tap_out and xsend() adds to
   total_socket_out.  Both are plain ints. */
55 int total_tap_out = 0;
56 int total_socket_in = 0;
57 int total_socket_out = 0;
/* Index of the next upstreamip config entry to try.  It is advanced by
   every get_next_config_val(upstreamip, upstreamindex++) call, including
   the ones made from sigalrm_handler(), i.e. from signal context. */
59 int upstreamindex = 0;
/* Delay in seconds handed to alarm() before the next outgoing connection
   attempt. */
60 static int seconds_till_retry;
62 /* The global list of existing connections */
63 conn_list_t *conn_list = NULL;
/* Connection record describing the local daemon; allocated in
   setup_myself(). */
64 conn_list_t *myself = NULL;
67 strip off the MAC addresses of an ethernet frame
/*
  Drop the first 12 bytes of p->data (the two Ethernet MAC addresses) and
  reduce p->len by 12.  memmove() is used because source and destination
  overlap.

  NOTE(review): no visible line checks p->len >= 12 before the
  subtraction.  If length_t is unsigned (its definition is not in this
  listing), a shorter frame makes "p->len -= 12" wrap and the wrapped value
  becomes the memmove() size.  handle_tap_input() logs "Dropping short
  packet" before calling this, but the condition it tests is not shown, so
  confirm that it guarantees at least 12 bytes.
*/
69 void strip_mac_addresses(vpn_packet_t *p)
72 memmove(p->data, p->data + 12, p->len -= 12);
77 reassemble MAC addresses
/*
  Rebuild a 12-byte MAC header in front of the payload: the payload is
  shifted up by 12 bytes, both MAC addresses get the prefix fe:fd, the
  destination MAC is completed with myself->real_ip and the source MAC with
  the 4 bytes found at offset 26 of the shifted packet.

  NOTE(review), based on the visible lines only (the listing omits some):
  - memcpy() is called with overlapping regions whenever p->len > 12, which
    is undefined behaviour; strip_mac_addresses() uses memmove() for the
    same kind of shift.
  - Nothing visible checks that p->len + 12 fits in p->data, or that the
    packet is long enough for the read at offset 26.  When p comes from
    xrecv(), p->len is the length field of a received packet.
*/
79 void add_mac_addresses(vpn_packet_t *p)
82 memcpy(p->data + 12, p->data, p->len);
84 p->data[0] = p->data[6] = 0xfe;
85 p->data[1] = p->data[7] = 0xfd;
86 /* Really evil pointer stuff just below! */
/* The casts below store and load an ip_t at byte offsets 2, 8 and 26 of
   p->data.  Such accesses can be misaligned and bypass the aliasing rules;
   memcpy() of sizeof(ip_t) bytes is the portable form. */
87 *((ip_t*)(&p->data[2])) = (ip_t)(htonl(myself->real_ip));
88 *((ip_t*)(&p->data[8])) = *((ip_t*)(&p->data[26]));
/*
  Encrypt inpkt with the per-connection packet cipher and send the result
  on cl->socket.

  cl    - connection whose cipher context, key, IV and socket are used
  inpkt - plaintext packet; inpkt->len bytes of inpkt->data are encrypted

  NOTE(review): this listing omits lines (local declarations, braces,
  return statements), so the points below cover only what is visible.
  - EVP_EncryptInit() runs for every packet with the same
    cl->cipher_pktkey / cl->cipher_pktiv pair, and no visible line changes
    the IV between packets.  With a fixed key and IV, equal plaintext
    prefixes produce equal ciphertext prefixes (or a repeated keystream,
    depending on the mode selected by cl->cipher_pkttype).  A per-packet IV
    or sequence number is the usual remedy.
  - The return values of the three EVP_Encrypt* calls are not checked.
  - No MAC or other integrity value is added in the visible lines, so the
    receiver has no way to detect modified ciphertext.
  - EVP_EncryptUpdate()/EVP_EncryptFinal() can write up to one cipher block
    more than inpkt->len; no visible check relates that to the size of
    outpkt.data.
*/
92 int xsend(conn_list_t *cl, vpn_packet_t *inpkt)
/* The length field carries the plaintext length, not the ciphertext
   length. */
97 outpkt.len = inpkt->len;
98 EVP_EncryptInit(cl->cipher_pktctx, cl->cipher_pkttype, cl->cipher_pktkey, cl->cipher_pktiv);
99 EVP_EncryptUpdate(cl->cipher_pktctx, outpkt.data, &outlen, inpkt->data, inpkt->len);
100 EVP_EncryptFinal(cl->cipher_pktctx, outpkt.data + outlen, &outpad);
/* Per-packet trace message; note that it is logged at LOG_ERR priority. */
104 syslog(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"),
105 outlen, cl->name, cl->hostname);
107 total_socket_out += outlen;
/* The send starts at the len field and covers outlen + 2 bytes, so it
   relies on outpkt.data directly following outpkt.len and on len being
   2 bytes wide - TODO confirm against the vpn_packet_t definition. */
111 if((send(cl->socket, (char *) &(outpkt.len), outlen + 2, 0)) < 0)
113 syslog(LOG_ERR, _("Error sending packet to %s (%s): %m"),
114 cl->name, cl->hostname);
/*
  Decrypt a received packet with the local packet key, rebuild its MAC
  header and write it to the tap device.

  inpkt - encrypted packet; inpkt->len bytes of inpkt->data are decrypted

  NOTE(review): this listing omits lines, so the points below cover only
  what is visible.
  - inpkt->len is used as the ciphertext length for EVP_DecryptUpdate() and
    is copied to outpkt.len, which then sizes the copy in
    add_mac_addresses() and the write() to tap_fd.  No visible line bounds
    it or compares it with the number of bytes actually received (see
    handle_incoming_vpn_data()).
  - The EVP_DecryptFinal() call is commented out (FIXME below), so padding
    is never verified and any final block is not produced.
  - No MAC or other integrity check is visible: whatever decrypts is
    written to the tap device.
  - Decryption always uses myself's key and IV, re-initialised per packet
    with the same values as far as this listing shows.
  - The return values of the EVP_Decrypt* calls are not checked.
  - The bytes written are counted by outpkt.len, not by the outlen that
    EVP_DecryptUpdate() reported.
  - flush_queues() passes this function to flush_queue(), which calls it
    through an int (*)(conn_list_t*, void*) pointer with two arguments,
    while this definition takes one.
*/
121 int xrecv(vpn_packet_t *inpkt)
/* Per-packet trace message; note that it is logged at LOG_ERR priority. */
127 syslog(LOG_ERR, _("Receiving packet of %d bytes"),
130 outpkt.len = inpkt->len;
131 EVP_DecryptInit(myself->cipher_pktctx, myself->cipher_pkttype, myself->cipher_pktkey, myself->cipher_pktiv);
132 EVP_DecryptUpdate(myself->cipher_pktctx, outpkt.data, &outlen, inpkt->data, inpkt->len);
133 /* FIXME: grok DecryptFinal
134 EVP_DecryptFinal(myself->cipher_pktctx, outpkt.data + outlen, &outpad);
137 add_mac_addresses(&outpkt);
139 if(write(tap_fd, outpkt.data, outpkt.len) < 0)
140 syslog(LOG_ERR, _("Can't write to tap device: %m"));
142 total_tap_out += outpkt.len;
148 add the given packet of size s to the
149 queue q, be it the send or receive queue
/*
  Append a private copy of a packet to the tail of queue *q.

  q      - address of the queue pointer; a queue header is allocated and
           stored in *q by the xmalloc(sizeof(**q)) line below (the
           condition guarding that allocation is not in this listing)
  packet - start of the bytes to copy
  s      - number of bytes to copy

  NOTE(review): no visible line limits the number of queued elements.
  send_packet() queues every packet for a peer that has no valid key or is
  not yet active, so a peer that never reaches that state can make the
  queue grow without bound unless a limit exists elsewhere.
*/
151 void add_queue(packet_queue_t **q, void *packet, size_t s)
155 e = xmalloc(sizeof(*e));
156 e->packet = xmalloc(s);
157 memcpy(e->packet, packet, s);
161 *q = xmalloc(sizeof(**q));
162 (*q)->head = (*q)->tail = NULL;
165 e->next = NULL; /* We insert at the tail */
167 if((*q)->tail) /* Do we have a tail? */
169 (*q)->tail->next = e;
170 e->prev = (*q)->tail;
172 else /* No tail -> no head too */
182 /* Remove a queue element */
/*
  Unlink element e from the doubly linked queue *q, handling the four
  positions separately: middle, head, tail, and only element.

  NOTE(review): the lines that follow the unlinking are not in this
  listing, so whether e and e->packet are freed here cannot be confirmed
  from the visible code.  Neither q, *q nor e is checked for NULL in the
  visible lines.
*/
183 void del_queue(packet_queue_t **q, queue_element_t *e)
188 if(e->next) /* There is a successor, so we are not tail */
190 if(e->prev) /* There is a predecessor, so we are not head */
192 e->next->prev = e->prev;
193 e->prev->next = e->next;
195 else /* We are head */
197 e->next->prev = NULL;
198 (*q)->head = e->next;
201 else /* We are tail (or all alone!) */
203 if(e->prev) /* We are not alone :) */
205 e->prev->next = NULL;
206 (*q)->tail = e->prev;
220 flush a queue by calling function for
221 each packet, and removing it when that
222 returned a zero exit code
/*
  Walk queue *pq from its head and call function(cl, packet) for every
  queued packet.

  cl       - connection passed through to function
  pq       - address of the queue pointer
  function - handler; a zero return is tested for each packet (the
             statements executed on a zero return are not in this listing)

  NOTE(review): (*pq)->head is read without a visible NULL check on *pq.
  The handlers passed by flush_queues() are xsend and xrecv, whose
  parameter lists differ from the pointer type declared here.
*/
224 void flush_queue(conn_list_t *cl, packet_queue_t **pq,
225 int (*function)(conn_list_t*,void*))
227 queue_element_t *p, *next = NULL;
229 for(p = (*pq)->head; p != NULL; )
233 if(!function(cl, p->packet))
240 syslog(LOG_DEBUG, _("Queue flushed"));
245 flush the send&recv queues
246 void because nothing goes wrong here, packets
247 remain in the queue if something goes wrong
/*
  Flush the send queue of cl through xsend() and its receive queue through
  xrecv().  The conditions guarding each flush are not in this listing.

  NOTE(review): flush_queue() expects int (*)(conn_list_t*, void*).
  xsend() takes (conn_list_t*, vpn_packet_t*) and xrecv() takes a single
  vpn_packet_t*, so the xrecv call below goes through an incompatible
  function pointer type: flush_queue() passes two arguments and xrecv()
  would receive cl as its packet argument.
*/
249 void flush_queues(conn_list_t *cl)
255 syslog(LOG_DEBUG, _("Flushing send queue for %s (%s)"),
256 cl->name, cl->hostname);
257 flush_queue(cl, &(cl->sq), xsend);
263 syslog(LOG_DEBUG, _("Flushing receive queue for %s (%s)"),
264 cl->name, cl->hostname);
265 flush_queue(cl, &(cl->rq), xrecv);
271 send a packet to the given vpn ip.
/*
  Route one packet to the connection responsible for VPN address "to" and
  either send it or queue it.

  to     - destination VPN IP address
  packet - packet to send; packet->len + 2 bytes are copied when queued

  Visible steps: look up the connection for "to"; if the local
  EXPORTINDIRECTDATA flag is set, pick the first outgoing connection
  instead; if the destination has INDIRECTDATA set, look up its gateway by
  real_ip; open the UDP socket if it is not open yet; queue the packet when
  no valid key is known or the peer is not active; otherwise call xsend().
  Return statements on the failure paths are not in this listing.
*/
273 int send_packet(ip_t to, vpn_packet_t *packet)
277 if((cl = lookup_conn(to)) == NULL)
281 syslog(LOG_NOTICE, _("Trying to look up %d.%d.%d.%d in connection list failed!"),
288 /* If we ourselves have indirectdata flag set, we should send only to our uplink! */
290 /* The next few lines will be obsoleted, if we are going indirect, matching subnet_t
291 should point to only our uplink as the recepient
294 if(myself->flags & EXPORTINDIRECTDATA)
296 for(cl = conn_list; cl != NULL && !cl->status.outgoing; cl = cl->next);
298 { /* No open outgoing connection has been found. */
300 syslog(LOG_NOTICE, _("There is no remote host I can send this packet to!"));
306 /* If indirectdata flag is set for the destination we just looked up,
307 * then real_ip is actually the vpn_ip of the gateway tincd
311 if(cl->flags & INDIRECTDATA)
314 syslog(LOG_NOTICE, _("Indirect packet to %s via %s"),
315 cl->name, cl->hostname);
316 if((cl = lookup_conn(cl->real_ip)) == NULL)
319 syslog(LOG_NOTICE, _("Indirect look up %d.%d.%d.%d in connection list failed!"), IP_ADDR_V(to));
321 /* Gateway tincd dead? Should we kill it? (GS) */
325 if(cl->flags & INDIRECTDATA) /* This should not happen */
328 syslog(LOG_NOTICE, _("Double indirection for %d.%d.%d.%d"), IP_ADDR_V(to));
/* Local key expiry check; the statement it guards is not in this
   listing. */
333 if(my_key_expiry <= time(NULL))
336 if(!cl->status.dataopen)
337 if(setup_vpn_connection(cl) < 0)
339 syslog(LOG_ERR, _("Could not open UDP connection to %s (%s)"),
340 cl->name, cl->hostname);
344 if(!cl->status.validkey)
347 syslog(LOG_INFO, _("No valid key known yet for %s (%s), queueing packet"),
348 cl->name, cl->hostname);
/* NOTE(review): the packet is queued in plaintext and no queue limit is
   visible here or in add_queue(); a peer that never delivers a key keeps
   the queue growing for as long as traffic is addressed to it. */
349 add_queue(&(cl->sq), packet, packet->len + 2);
350 if(!cl->status.waitingforkey)
351 send_req_key(myself, cl); /* Keys should be sent to the host running the tincd */
355 if(!cl->status.active)
358 syslog(LOG_INFO, _("%s (%s) is not ready, queueing packet"),
359 cl->name, cl->hostname);
360 add_queue(&(cl->sq), packet, packet->len + 2);
361 return 0; /* We don't want to mess up, do we? */
364 /* can we send it? can we? can we? huh? */
366 return xsend(cl, packet);
370 open the local ethertap device
/*
  Open the tap device read-write and non-blocking.  The path comes from
  the tapdevice config value and defaults to /dev/tap0 when that value is
  absent.  The return statements are not in this listing;
  setup_network_connections() treats a negative result as failure.
*/
372 int setup_tap_fd(void)
375 const char *tapfname;
378 if((cfg = get_config_val(tapdevice)) == NULL)
379 tapfname = "/dev/tap0";
381 tapfname = cfg->data.ptr;
383 if((nfd = open(tapfname, O_RDWR | O_NONBLOCK)) < 0)
385 syslog(LOG_ERR, _("Could not open %s: %m"), tapfname);
395 set up the socket that we listen on for incoming
/*
  Create the TCP socket that accepts incoming meta connections.

  port - TCP port to bind, in host byte order

  The socket gets SO_REUSEADDR and SO_KEEPALIVE, is made non-blocking and
  is bound to the interfaceip config value when present, otherwise to
  INADDR_ANY.  The listen() call and the return statements are not in this
  listing; setup_myself() treats a negative result as failure.
*/
398 int setup_listen_meta_socket(int port)
401 struct sockaddr_in a;
405 if((nfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0)
407 syslog(LOG_ERR, _("Creating metasocket failed: %m"));
411 if(setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)))
413 syslog(LOG_ERR, _("setsockopt: %m"));
417 if(setsockopt(nfd, SOL_SOCKET, SO_KEEPALIVE, &one, sizeof(one)))
419 syslog(LOG_ERR, _("setsockopt: %m"));
423 flags = fcntl(nfd, F_GETFL);
424 if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0)
426 syslog(LOG_ERR, _("fcntl: %m"));
/* NOTE(review): the call below passes the interface name as the value of
   SO_KEEPALIVE, while the error text shows the intent is to restrict the
   listener to one interface; on Linux that option is SO_BINDTODEVICE.  As
   written no interface restriction is applied, so an operator who sets
   the interface option still gets a listener reachable on every interface
   unless interfaceip narrows the bind address. */
430 if((cfg = get_config_val(interface)))
432 if(setsockopt(nfd, SOL_SOCKET, SO_KEEPALIVE, cfg->data.ptr, strlen(cfg->data.ptr)))
434 syslog(LOG_ERR, _("Unable to bind listen socket to interface %s: %m"), cfg->data.ptr);
439 memset(&a, 0, sizeof(a));
440 a.sin_family = AF_INET;
441 a.sin_port = htons(port);
443 if((cfg = get_config_val(interfaceip)))
444 a.sin_addr.s_addr = htonl(cfg->data.ip->ip);
446 a.sin_addr.s_addr = htonl(INADDR_ANY);
448 if(bind(nfd, (struct sockaddr *)&a, sizeof(struct sockaddr)))
/* %hd formats the int port as a short, so ports above 32767 are logged as
   negative numbers. */
450 syslog(LOG_ERR, _("Can't bind to port %hd/tcp: %m"), port);
456 syslog(LOG_ERR, _("listen: %m"));
464 setup the socket for incoming encrypted
/*
  Create the UDP socket on which encrypted VPN packets arrive.

  port - UDP port to bind, in host byte order

  The socket gets SO_REUSEADDR, is made non-blocking and is bound to
  INADDR_ANY.  The return statements are not in this listing;
  setup_myself() treats a negative result as failure.

  NOTE(review): unlike setup_listen_meta_socket(), the visible lines do not
  consult the interfaceip config value, so the data socket accepts
  datagrams on every local address even when the meta socket is limited to
  one.
*/
467 int setup_vpn_in_socket(int port)
470 struct sockaddr_in a;
473 if((nfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0)
475 syslog(LOG_ERR, _("Creating socket failed: %m"));
479 if(setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)))
481 syslog(LOG_ERR, _("setsockopt: %m"));
485 flags = fcntl(nfd, F_GETFL);
486 if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0)
488 syslog(LOG_ERR, _("fcntl: %m"));
492 memset(&a, 0, sizeof(a));
493 a.sin_family = AF_INET;
494 a.sin_port = htons(port);
495 a.sin_addr.s_addr = htonl(INADDR_ANY);
497 if(bind(nfd, (struct sockaddr *)&a, sizeof(struct sockaddr)))
499 syslog(LOG_ERR, _("Can't bind to port %hd/udp: %m"), port);
507 setup an outgoing meta (tcp) socket
/*
  Open a TCP meta connection to cl->real_ip and store the descriptor in
  cl->meta_socket.

  cl - connection record; real_ip and hostname must already be set

  The port is taken from the upstreamport config value; the default used
  when that value is absent is on a line not in this listing.  The return
  statements are also missing; setup_outgoing_connection() treats a
  negative result as failure.

  NOTE(review): connect() runs before the socket is switched to
  O_NONBLOCK, so the caller blocks until the connection attempt completes
  or times out.  This function is reachable from sigalrm_handler().
  Unlike the listening sockets, no memset() of the sockaddr_in is visible
  here.
*/
509 int setup_outgoing_meta_socket(conn_list_t *cl)
512 struct sockaddr_in a;
516 syslog(LOG_INFO, _("Trying to connect to %s"), cl->hostname);
518 if((cfg = get_config_val(upstreamport)) == NULL)
521 cl->port = cfg->data.val;
523 cl->meta_socket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
524 if(cl->meta_socket == -1)
526 syslog(LOG_ERR, _("Creating socket for %s port %d failed: %m"),
527 cl->hostname, cl->port);
531 a.sin_family = AF_INET;
532 a.sin_port = htons(cl->port);
533 a.sin_addr.s_addr = htonl(cl->real_ip);
535 if(connect(cl->meta_socket, (struct sockaddr *)&a, sizeof(a)) == -1)
537 syslog(LOG_ERR, _("%s port %hd: %m"), cl->hostname, cl->port);
541 flags = fcntl(cl->meta_socket, F_GETFL);
542 if(fcntl(cl->meta_socket, F_SETFL, flags | O_NONBLOCK) < 0)
544 syslog(LOG_ERR, _("fcntl for %s port %d: %m"),
545 cl->hostname, cl->port);
550 syslog(LOG_INFO, _("Connected to %s port %hd"),
551 cl->hostname, cl->port);
557 setup an outgoing connection. It's not
558 necessary to also open an udp socket as
559 well, because the other host will initiate
560 an authentication sequence during which
561 we will do just that.
/*
  Resolve hostname, create a connection record for it, open the meta
  connection and put the record at the head of conn_list.

  hostname - name or address from a ConnectTo-style config entry

  Callers rely on a return value of 0 meaning success (see the comments at
  the call sites); the return statements are not in this listing.

  NOTE(review):
  - gethostbyname() reports failures through h_errno, so the %m in the
    error message prints an unrelated errno text.
  - Only h_addr_list[0] is used and it is read through an ip_t cast without
    a visible check of h_addrtype or h_length.
  - The name shown in later log lines comes from hostlookup() on the
    resolved address, not from the configured hostname.
  - This function is called from sigalrm_handler(); gethostbyname(),
    syslog() and the allocation in new_conn_list() are not
    async-signal-safe, and conn_list is modified here while the main loop
    may be walking it.
*/
563 int setup_outgoing_connection(char *hostname)
568 if(!(h = gethostbyname(hostname)))
570 syslog(LOG_ERR, _("Error looking up `%s': %m"), hostname);
574 ncn = new_conn_list();
575 ncn->real_ip = ntohl(*((ip_t*)(h->h_addr_list[0])));
576 ncn->hostname = hostlookup(htonl(ncn->real_ip));
578 if(setup_outgoing_meta_socket(ncn) < 0)
580 syslog(LOG_ERR, _("Could not set up a meta connection to %s"),
582 free_conn_element(ncn);
586 ncn->status.meta = 1;
587 ncn->status.outgoing = 1;
588 ncn->next = conn_list;
595 set up the local sockets (listen only)
/*
  Build the connection record for the local daemon ("myself") from the
  configuration and open both listening sockets.

  Reads tincname (required), listenport, indirectdata and tcponly, then
  creates the TCP meta socket and the UDP data socket on myself->port and
  marks myself active.  The return statements and the default port used
  when listenport is absent are not in this listing;
  setup_network_connections() treats a negative result as failure.
*/
597 int setup_myself(void)
601 myself = new_conn_list();
/* hostname points at a string literal here, whereas other records get
   theirs from hostlookup(); presumably this record must never be handed to
   free_conn_element() - TODO confirm. */
603 myself->hostname = "MYSELF"; /* FIXME? */
606 if(!(cfg = get_config_val(tincname))) /* Not acceptable */
608 syslog(LOG_ERR, _("Name for tinc daemon required!"));
/* NOTE(review): the name is taken from data.val with a pointer cast,
   while other string options in this file are read through data.ptr.  If
   val is narrower than a pointer on the target, the cast yields a
   truncated pointer - confirm against the definition of cfg->data, which
   is not in this listing. */
612 myself->name = (char*)cfg->data.val;
614 if(!(cfg = get_config_val(listenport)))
617 myself->port = cfg->data.val;
619 if((cfg = get_config_val(indirectdata)))
620 if(cfg->data.val == stupid_true)
621 myself->flags |= EXPORTINDIRECTDATA;
623 if((cfg = get_config_val(tcponly)))
624 if(cfg->data.val == stupid_true)
625 myself->flags |= TCPONLY;
627 if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0)
629 syslog(LOG_ERR, _("Unable to set up a listening socket"));
633 if((myself->socket = setup_vpn_in_socket(myself->port)) < 0)
635 syslog(LOG_ERR, _("Unable to set up an incoming vpn data socket"));
/* Close the meta socket opened just above so it is not leaked when the
   data socket cannot be created. */
636 close(myself->meta_socket);
640 myself->status.active = 1;
642 syslog(LOG_NOTICE, _("Ready: listening on port %hd"), myself->port);
/*
  SIGALRM handler that retries the outgoing connection.

  It walks the remaining upstreamip config entries, calling
  setup_outgoing_connection() for each; on success SIGALRM is set to
  SIG_IGN.  If every entry fails, the handler re-installs itself, raises
  seconds_till_retry by 5 (capped at MAXTIMEOUT) and re-arms alarm().  The
  loop structure and the return type are on lines not in this listing.

  NOTE(review): everything here runs in signal context.
  setup_outgoing_connection() calls gethostbyname(), syslog() and allocates
  memory, none of which is async-signal-safe, and it links a new element
  into conn_list while the interrupted code may be traversing that list.
  The usual pattern is to set a volatile sig_atomic_t flag here and do the
  reconnect from main_loop(), which already tolerates EINTR from select().
*/
648 sigalrm_handler(int a)
652 cfg = get_next_config_val(upstreamip, upstreamindex++);
656 if(!setup_outgoing_connection(cfg->data.ptr)) /* function returns 0 when there are no problems */
658 signal(SIGALRM, SIG_IGN);
661 cfg = get_next_config_val(upstreamip, upstreamindex++); /* Or else we try the next ConnectTo line */
664 signal(SIGALRM, sigalrm_handler);
666 seconds_till_retry += 5;
667 if(seconds_till_retry > MAXTIMEOUT) /* Don't wait more than MAXTIMEOUT seconds. */
668 seconds_till_retry = MAXTIMEOUT;
669 syslog(LOG_ERR, _("Still failed to connect to other, will retry in %d seconds"),
671 alarm(seconds_till_retry);
676 setup all initial network connections
/*
  Bring up everything the daemon needs at start or after a config reload:
  read the ping timeout, open the tap device, set up the local listening
  sockets, then try each upstreamip entry until one outgoing connection
  succeeds.

  If no upstreamip entry exists the daemon runs listen-only.  If every
  entry fails, sigalrm_handler is installed and alarm() is armed with
  MAXTIMEOUT seconds for a retry.  The default timeout, the loop structure
  and the return statements are not in this listing.
*/
678 int setup_network_connections(void)
682 if((cfg = get_config_val(pingtimeout)) == NULL)
685 timeout = cfg->data.val;
687 if(setup_tap_fd() < 0)
690 if(setup_myself() < 0)
693 if((cfg = get_next_config_val(upstreamip, upstreamindex++)) == NULL)
694 /* No upstream IP given, we're listen only. */
699 if(!setup_outgoing_connection(cfg->data.ptr)) /* function returns 0 when there are no problems */
701 cfg = get_next_config_val(upstreamip, upstreamindex++); /* Or else we try the next ConnectTo line */
704 signal(SIGALRM, sigalrm_handler);
706 seconds_till_retry = MAXTIMEOUT;
707 syslog(LOG_NOTICE, _("Trying to re-establish outgoing connection in %d seconds"), seconds_till_retry);
708 alarm(seconds_till_retry);
714 close all open network connections
/*
  Shut down and close the sockets of every connection in conn_list, then
  the local listening sockets if myself is active, and log "Terminating".

  shutdown() is called with how == 0, i.e. further receives are disabled
  before the descriptor is closed.  Lines between the visible statements
  (including any close() of p->socket and of the tap device) are not in
  this listing.
*/
716 void close_network_connections(void)
720 for(p = conn_list; p != NULL; p = p->next)
722 if(p->status.dataopen)
724 shutdown(p->socket, 0); /* No more receptions */
730 shutdown(p->meta_socket, 0); /* No more receptions */
731 close(p->meta_socket);
736 if(myself->status.active)
738 close(myself->meta_socket);
739 close(myself->socket);
745 syslog(LOG_NOTICE, _("Terminating"));
751 create a data (udp) socket
/*
  Create a UDP socket connected to cl->real_ip:cl->port for outgoing VPN
  data and mark the connection as having its data socket open.

  cl - connection record; real_ip, port and hostname must already be set

  The assignment of the descriptor to cl->socket and the return statements
  are not in this listing; send_packet() treats a negative result as
  failure.  No memset() of the sockaddr_in is visible here, unlike in the
  listening-socket setup functions.
*/
753 int setup_vpn_connection(conn_list_t *cl)
756 struct sockaddr_in a;
759 syslog(LOG_DEBUG, _("Opening UDP socket to %s"), cl->hostname);
761 nfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
764 syslog(LOG_ERR, _("Creating UDP socket failed: %m"));
768 a.sin_family = AF_INET;
769 a.sin_port = htons(cl->port);
770 a.sin_addr.s_addr = htonl(cl->real_ip);
772 if(connect(nfd, (struct sockaddr *)&a, sizeof(a)) == -1)
774 syslog(LOG_ERR, _("Connecting to %s port %d failed: %m"),
775 cl->hostname, cl->port);
779 flags = fcntl(nfd, F_GETFL);
780 if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0)
782 syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), __FILE__, __LINE__, nfd,
783 cl->name, cl->hostname);
788 cl->status.dataopen = 1;
794 handle an incoming tcp connect call and open
/*
  Build a connection record for a freshly accepted meta socket.

  sfd - descriptor returned by accept()

  Fills in the peer address, a hostname from hostlookup(), the socket and
  the initial ping time, logs the connection and sends the basic info
  message.  handle_new_meta_connection() treats a NULL result as failure.
  The allocation of p and the return statements are not in this listing.

  NOTE(review):
  - getpeername() is given a struct sockaddr_in * and an int * where
    struct sockaddr * and socklen_t * are expected.
  - hostlookup() is called with an address chosen by the connecting party.
    If it performs a reverse DNS lookup (its body is not shown), the lookup
    can stall the single-threaded daemon and the resulting name, which is
    written to the log, is under the control of whoever runs that reverse
    zone.
  - The port is converted with htons(); ntohs() is the intended direction
    (both perform the same byte swap).
  - send_basic_info() is sent before any authentication step that is
    visible in this file.
*/
797 conn_list_t *create_new_connection(int sfd)
800 struct sockaddr_in ci;
801 int len = sizeof(ci);
805 if(getpeername(sfd, &ci, &len) < 0)
807 syslog(LOG_ERR, _("Error: getpeername: %m"));
811 p->real_ip = ntohl(ci.sin_addr.s_addr);
812 p->hostname = hostlookup(ci.sin_addr.s_addr);
813 p->meta_socket = sfd;
816 p->last_ping_time = time(NULL);
820 syslog(LOG_NOTICE, _("Connection from %s port %d"),
821 p->hostname, htons(ci.sin_port));
823 if(send_basic_info(p) < 0)
825 free_conn_element(p);
833 put all file descriptors in an fd_set array
/*
  Add the descriptors the main loop waits on to *fs: every connection's
  meta socket, its data socket when open, and the two local listening
  sockets.  Clearing the set and adding tap_fd are presumably done on lines
  not in this listing.

  NOTE(review): no visible line checks that a descriptor is below
  FD_SETSIZE before FD_SET().  FD_SET() with a larger value writes outside
  the fd_set, so a daemon holding many connections needs either a cap on
  accepted connections or a check here.
*/
835 void build_fdset(fd_set *fs)
841 for(p = conn_list; p != NULL; p = p->next)
844 FD_SET(p->meta_socket, fs);
845 if(p->status.dataopen)
846 FD_SET(p->socket, fs);
849 FD_SET(myself->meta_socket, fs);
850 FD_SET(myself->socket, fs);
856 receive incoming data from the listening
857 udp socket and write it to the ethertap
858 device after being decrypted
/*
  Read one datagram from the local UDP data socket.  According to the
  comment that precedes this function the packet is then decrypted and
  written to the tap device; those lines are not in this listing.

  NOTE(review), based on the visible lines only:
  - recvfrom() stores up to MTU bytes starting at pkt.len, so the length
    field is filled from the first bytes of the datagram.  The return value
    is only compared with 0; the number of bytes actually received is
    discarded and no visible line checks pkt.len against it.  xrecv() later
    uses that length to size decryption, a copy and a write.
  - The source address arguments are NULL, so nothing visible here ties the
    datagram to a known peer before it is processed.
  - Whether the packet structure holds at least MTU bytes from the len
    field onward cannot be confirmed from this listing.
  - l is an int where getsockopt() expects a socklen_t.
*/
860 int handle_incoming_vpn_data()
864 int x, l = sizeof(x);
866 if(getsockopt(myself->socket, SOL_SOCKET, SO_ERROR, &x, &l) < 0)
868 syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m"),
869 __FILE__, __LINE__, myself->socket);
874 syslog(LOG_ERR, _("Incoming data socket error: %s"), strerror(x));
878 if(recvfrom(myself->socket, (char *) &(pkt.len), MTU, 0, NULL, NULL) <= 0)
880 syslog(LOG_ERR, _("Receiving packet failed: %m"));
889 terminate a connection and notify the other
890 end before closing the sockets
/*
  Close the meta connection of cl, mark it for removal, tell the other
  peers about the loss and, for an outgoing connection, schedule a
  reconnect.

  cl - connection to terminate

  The status.remove test at the top guards against handling the same
  connection twice (the statement it controls is not in this listing,
  presumably a return).  Every connection whose nexthop is cl is also
  marked inactive and removable.  For an outgoing connection
  sigalrm_handler is installed and alarm() is armed with a 5 second delay.
*/
892 void terminate_connection(conn_list_t *cl)
897 if(cl->status.remove)
901 syslog(LOG_NOTICE, _("Closing connection with %s (%s)"),
902 cl->name, cl->hostname);
904 if(cl->status.timeout)
906 /* else if(!cl->status.termreq)
913 close(cl->meta_socket);
915 cl->status.remove = 1;
917 /* If this cl isn't active, don't send any DEL_HOSTs. */
918 if(cl->status.active)
919 notify_others(cl,NULL,send_del_host);
922 /* Find all connections that were lost because they were behind cl
923 (the connection that was dropped). */
925 for(p = conn_list; p != NULL; p = p->next)
927 if((p->nexthop == cl) && (p != cl))
929 if(cl->status.active && p->status.active)
930 notify_others(p,cl,send_del_host);
933 p->status.active = 0;
934 p->status.remove = 1;
938 cl->status.active = 0;
940 if(cl->status.outgoing)
/* The reconnect itself runs inside sigalrm_handler(), i.e. in signal
   context. */
942 signal(SIGALRM, sigalrm_handler);
943 seconds_till_retry = 5;
944 alarm(seconds_till_retry);
945 syslog(LOG_NOTICE, _("Trying to re-establish outgoing connection in 5 seconds"));
951 Check if the other end is active.
952 If we have sent packets, but didn't receive any,
953 then possibly the other end is dead. We send a
954 PING request over the meta connection. If the other
955 end does not reply in time, we consider them dead
956 and close the connection.
/*
  Ping bookkeeping for every active meta connection.

  For a connection whose last_ping_time is more than "timeout" seconds old:
  if a ping is outstanding without a pong, the connection is marked as
  timed out and terminated; otherwise, when want_ping is set, the ping
  state is reset (the call that sends the PING is presumably on a line not
  in this listing).  The assignment of "now" and the return statement are
  also missing from the listing.
*/
958 int check_dead_connections(void)
964 for(p = conn_list; p != NULL; p = p->next)
968 if(p->status.active && p->status.meta)
970 if(p->last_ping_time + timeout < now)
972 if(p->status.pinged && !p->status.got_pong)
975 syslog(LOG_INFO, _("%s (%s) didn't respond to PING"),
976 p->name, p->hostname);
977 p->status.timeout = 1;
978 terminate_connection(p);
980 else if(p->want_ping)
983 p->last_ping_time = now;
984 p->status.pinged = 1;
985 p->status.got_pong = 0;
995 accept a new tcp connect and create a
/*
  Accept one pending TCP connection on the local meta socket, create a
  connection record for it and put the record at the head of conn_list.

  NOTE(review):
  - len is an int where accept() expects a socklen_t.
  - No visible line limits how many connections are accepted or how often.
    Each accepted peer costs a descriptor and a hostlookup() call in
    create_new_connection() before it has authenticated, so a cap or rate
    limit is worth confirming elsewhere in the daemon.
  - The close() of nfd on the failure path is presumably on a line not in
    this listing, next to the "Closed attempted connection" message.
*/
998 int handle_new_meta_connection()
1001 struct sockaddr client;
1002 int nfd, len = sizeof(client);
1004 if((nfd = accept(myself->meta_socket, &client, &len)) < 0)
1006 syslog(LOG_ERR, _("Accepting a new connection failed: %m"));
1010 if(!(ncn = create_new_connection(nfd)))
1014 syslog(LOG_NOTICE, _("Closed attempted connection"));
1018 ncn->status.meta = 1;
1019 ncn->next = conn_list;
1026 check all connections to see if anything
1027 happened on their sockets
/*
  Dispatch on the descriptors that select() reported as readable.

  f - the fd_set filled in by select()

  For every connection not marked for removal: a readable outgoing data
  socket is treated as a delayed socket error and the connection is
  terminated; a readable meta socket is handed to receive_meta(), and the
  connection is terminated when that returns a negative value.  Afterwards
  the local data socket and the local meta socket are serviced.
*/
1029 void check_network_activity(fd_set *f)
1032 int x, l = sizeof(x);
1034 for(p = conn_list; p != NULL; p = p->next)
1036 if(p->status.remove)
1039 if(p->status.dataopen)
1040 if(FD_ISSET(p->socket, f))
1043 The only thing that can happen to get us here is apparently an
1044 error on this outgoing(!) UDP socket that isn't immediate (i.e.
1045 something that will not trigger an error directly on send()).
1046 I've once got here when it said `No route to host'.
/* NOTE(review): the getsockopt() result is not checked; if the call fails,
   x is still uninitialised when it reaches strerror(). */
1048 getsockopt(p->socket, SOL_SOCKET, SO_ERROR, &x, &l);
1049 syslog(LOG_ERR, _("Outgoing data socket error for %s (%s): %s"),
1050 p->name, p->hostname, strerror(x));
1051 terminate_connection(p);
1056 if(FD_ISSET(p->meta_socket, f))
1057 if(receive_meta(p) < 0)
1059 terminate_connection(p);
1064 if(FD_ISSET(myself->socket, f))
1065 handle_incoming_vpn_data();
1067 if(FD_ISSET(myself->meta_socket, f))
1068 handle_new_meta_connection();
1073 read, encrypt and send data that is
1074 available through the ethertap device
/*
  Read one frame from the tap device and forward it over the VPN.

  Non-IP frames (ether type other than 0x0800) and short frames are
  logged; the statements that follow those log calls, and the condition of
  the short-frame test, are not in this listing.  For IP frames the source
  and destination addresses are read from fixed offsets, the MAC header is
  stripped and the packet is passed to send_packet().
*/
1076 void handle_tap_input(void)
1080 int ether_type, lenin;
1082 memset(&vp, 0, sizeof(vp));
/* The read lands at the start of vp, not at vp.data, and 2 is subtracted
   from the byte count below; presumably the tap device prefixes each frame
   with 2 bytes that overlay the len field - TODO confirm. */
1083 if((lenin = read(tap_fd, &vp, MTU)) <= 0)
1085 syslog(LOG_ERR, _("Error while reading from tapdevice: %m"));
1089 total_tap_in += lenin;
/* NOTE(review): offset 12 is read before any visible length check, and
   through an unsigned short cast that may be misaligned. */
1091 ether_type = ntohs(*((unsigned short*)(&vp.data[12])));
1092 if(ether_type != 0x0800)
1095 syslog(LOG_INFO, _("Non-IP ethernet frame %04x from %02x:%02x:%02x:%02x:%02x:%02x"), ether_type, MAC_ADDR_V(vp.data[6]));
1102 syslog(LOG_INFO, _("Dropping short packet from %02x:%02x:%02x:%02x:%02x:%02x"), MAC_ADDR_V(vp.data[6]));
/* NOTE(review): unsigned long is 8 bytes on LP64 targets, so each of the
   two loads below reads 8 bytes where a 4-byte address is meant; copying
   into a 4-byte integer with memcpy() is the portable form.  Confirm that
   the short-packet test above guarantees the frame reaches offset 34. */
1106 from = ntohl(*((unsigned long*)(&vp.data[26])));
1107 to = ntohl(*((unsigned long*)(&vp.data[30])));
1109 vp.len = (length_t)lenin - 2;
1111 strip_mac_addresses(&vp);
/* The result of send_packet() is ignored. */
1113 send_packet(to, &vp);
1118 this is where it all happens...
1120 void main_loop(void)
1125 time_t last_ping_check;
1127 last_ping_check = time(NULL);
1131 tv.tv_sec = timeout;
1137 if((r = select(FD_SETSIZE, &fset, NULL, NULL, &tv)) < 0)
1139 if(errno != EINTR) /* because of alarm */
1141 syslog(LOG_ERR, _("Error while waiting for input: %m"));
1150 syslog(LOG_INFO, _("Rereading configuration file"));
1151 close_network_connections();
1153 if(read_config_file(configfilename))
1155 syslog(LOG_ERR, _("Unable to reread configuration file, exiting"));
1159 setup_network_connections();
1163 if(last_ping_check + timeout < time(NULL))
1164 /* Let's check if everybody is still alive */
1166 check_dead_connections();
1167 last_ping_check = time(NULL);
1172 check_network_activity(&fset);
1174 /* local tap data */
1175 if(FD_ISSET(tap_fd, &fset))