On Friday 30 April 2010, Davide Brini wrote: > Well, the obvious (and probably wrong, probably inefficient) way could > be to just check if the packet at hand is a ping message, and if it is > do not record it as "activity", eg > > if (! is_ping_msg (&c->c2.buf)) > register_activity (c, size);
How was that expression? "Complex problems have simple, easy to understand wrong answers". It seems this is one of those. The problem with the above approach is that c->c2.buf at the time is_ping_msg() is called is potentially compressed (if compression is used, that is, almost always), so is_ping_msg() cannot detect a ping message. Now, another approach could be to have a flag (a single byte) in the c2 context whose only function in life is to be 1 is the message is a ping message, and 0 otherwise (or true/false, as seems to be preferred in the OpenVPN code). That way, one could test it (also potentially more efficiently) eg if (! c->c2.is_ping)) register_activity (c, size); or something similar. What do people think? Does that look like a waste of space? Other ideas? -- D.
