Changeset 3621 in MondoRescue for branches/3.3/mindi-busybox/networking/zcip.c

Timestamp:

Dec 20, 2016, 4:07:32 PM (7 years ago)

Author:

Bruno Cornec

Message:

New 3?3 banch for incorporation of latest busybox 1.25. Changing minor version to handle potential incompatibilities.

Location:

branches/3.3

Files:

• . (copied) (copied from branches/3.2 )
• mindi-busybox/networking/zcip.c (modified) (21 diffs)

branches/3.3/mindi-busybox/networking/zcip.c

@@ -31 +31 @@
 //usage:     "\n    -q      Quit after obtaining address"
 //usage:     "\n    -r 169.254.x.x  Request this address first"
+//usage:     "\n    -l x.x.0.0  Use this range instead of 169.254"
 //usage:     "\n    -v      Verbose"
+//usage:     "\n"
+//usage:     "\n$LOGGING=none       Suppress logging"
+//usage:     "\n$LOGGING=syslog     Log to syslog"
 //usage:     "\n"
 //usage:     "\nWith no -q, runs continuously monitoring for ARP conflicts,"
@@ -37 +41 @@
 
 #include "libbb.h"
+#include "common_bufsiz.h"
 #include <netinet/ether.h>
 #include <net/if.h>
@@ -53 +58 @@
 
 enum {
-/* 169.254.0.0 */
-    LINKLOCAL_ADDR = 0xa9fe0000,
-
-/* protocol timeout parameters, specified in seconds */
+    /* 0-1 seconds before sending 1st probe */
     PROBE_WAIT = 1,
+    /* 1-2 seconds between probes */
     PROBE_MIN = 1,
     PROBE_MAX = 2,
-    PROBE_NUM = 3,
-    MAX_CONFLICTS = 10,
-    RATE_LIMIT_INTERVAL = 60,
-    ANNOUNCE_WAIT = 2,
-    ANNOUNCE_NUM = 2,
-    ANNOUNCE_INTERVAL = 2,
-    DEFEND_INTERVAL = 10
+    PROBE_NUM = 3,      /* total probes to send */
+    ANNOUNCE_INTERVAL = 2,  /* 2 seconds between announces */
+    ANNOUNCE_NUM = 3,   /* announces to send */
+    /* if probe/announce sees a conflict, multiply RANDOM(NUM_CONFLICT) by... */
+    CONFLICT_MULTIPLIER = 2,
+    /* if we monitor and see a conflict, how long is defend state? */
+    DEFEND_INTERVAL = 10,
 };
 
@@ -72 +75 @@
 enum {
     PROBE = 0,
-    RATE_LIMIT_PROBE,
     ANNOUNCE,
     MONITOR,
@@ -86 +88 @@
 
 struct globals {
-    struct sockaddr saddr;
-    struct ether_addr eth_addr;
+    struct sockaddr iface_sockaddr;
+    struct ether_addr our_ethaddr;
+    uint32_t localnet_ip;
 } FIX_ALIASING;
-#define G (*(struct globals*)&bb_common_bufsiz1)
-#define saddr    (G.saddr   )
-#define eth_addr (G.eth_addr)
-#define INIT_G() do { } while (0)
+#define G (*(struct globals*)bb_common_bufsiz1)
+#define INIT_G() do { setup_common_bufsiz(); } while (0)
 
 
@@ -99 +100 @@
  * the first and last 256 addresses are reserved.
  */
-static uint32_t pick(void)
+static uint32_t pick_nip(void)
 {
     unsigned tmp;
@@ -106 +107 @@
         tmp = rand() & IN_CLASSB_HOST;
     } while (tmp > (IN_CLASSB_HOST - 0x0200));
-    return htonl((LINKLOCAL_ADDR + 0x0100) + tmp);
+    return htonl((G.localnet_ip + 0x0100) + tmp);
+}
+
+static const char *nip_to_a(uint32_t nip)
+{
+    struct in_addr in;
+    in.s_addr = nip;
+    return inet_ntoa(in);
 }
 
@@ -112 +120 @@
  * Broadcast an ARP packet.
  */
-static void arp(
+static void send_arp_request(
     /* int op, - always ARPOP_REQUEST */
-    /* const struct ether_addr *source_eth, - always &eth_addr */
-                    struct in_addr source_ip,
-    const struct ether_addr *target_eth, struct in_addr target_ip)
+    /* const struct ether_addr *source_eth, - always &G.our_ethaddr */
+                    uint32_t source_nip,
+    const struct ether_addr *target_eth, uint32_t target_nip)
 {
     enum { op = ARPOP_REQUEST };
-#define source_eth (&eth_addr)
+#define source_eth (&G.our_ethaddr)
 
     struct arp_packet p;
@@ -136 +144 @@
     p.arp.arp_op = htons(op);
     memcpy(&p.arp.arp_sha, source_eth, ETH_ALEN);
-    memcpy(&p.arp.arp_spa, &source_ip, sizeof(p.arp.arp_spa));
+    memcpy(&p.arp.arp_spa, &source_nip, 4);
     memcpy(&p.arp.arp_tha, target_eth, ETH_ALEN);
-    memcpy(&p.arp.arp_tpa, &target_ip, sizeof(p.arp.arp_tpa));
+    memcpy(&p.arp.arp_tpa, &target_nip, 4);
 
     // send it
-    // Even though sock_fd is already bound to saddr, just send()
+    // Even though sock_fd is already bound to G.iface_sockaddr, just send()
     // won't work, because "socket is not connected"
     // (and connect() won't fix that, "operation not supported").
-    // Thus we sendto() to saddr. I wonder which sockaddr
+    // Thus we sendto() to G.iface_sockaddr. I wonder which sockaddr
     // (from bind() or from sendto()?) kernel actually uses
     // to determine iface to emit the packet from...
-    xsendto(sock_fd, &p, sizeof(p), &saddr, sizeof(saddr));
+    xsendto(sock_fd, &p, sizeof(p), &G.iface_sockaddr, sizeof(G.iface_sockaddr));
 #undef source_eth
 }
@@ -155 +163 @@
  * argv[0]:intf argv[1]:script_name argv[2]:junk argv[3]:NULL
  */
-static int run(char *argv[3], const char *param, struct in_addr *ip)
+static int run(char *argv[3], const char *param, uint32_t nip)
 {
     int status;
-    char *addr = addr; /* for gcc */
+    const char *addr = addr; /* for gcc */
     const char *fmt = "%s %s %s" + 3;
 
@@ -165 +173 @@
     VDBG("%s run %s %s\n", argv[0], argv[1], argv[2]);
 
-    if (ip) {
-        addr = inet_ntoa(*ip);
+    if (nip != 0) {
+        addr = nip_to_a(nip);
         xsetenv("ip", addr);
         fmt -= 3;
     }
-    bb_info_msg(fmt, argv[2], argv[0], addr);
+    bb_error_msg(fmt, argv[2], argv[0], addr);
 
     status = spawn_and_wait(argv + 1);
@@ -187 +195 @@
 static ALWAYS_INLINE unsigned random_delay_ms(unsigned secs)
 {
-    return rand() % (secs * 1000);
+    return (unsigned)rand() % (secs * 1000);
 }
 
@@ -196 +204 @@
 int zcip_main(int argc UNUSED_PARAM, char **argv)
 {
+    char *r_opt;
+    const char *l_opt = "169.254.0.0";
     int state;
-    char *r_opt;
+    int nsent;
     unsigned opts;
 
-    // ugly trick, but I want these zeroed in one go
+    // Ugly trick, but I want these zeroed in one go
     struct {
-        const struct in_addr null_ip;
-        const struct ether_addr null_addr;
-        struct in_addr ip;
+        const struct ether_addr null_ethaddr;
         struct ifreq ifr;
-        int timeout_ms; /* must be signed */
-        unsigned conflicts;
-        unsigned nprobes;
-        unsigned nclaims;
-        int ready;
+        uint32_t chosen_nip;
+        int conflicts;
+        int timeout_ms; // must be signed
         int verbose;
     } L;
-#define null_ip    (L.null_ip   )
-#define null_addr  (L.null_addr )
-#define ip         (L.ip        )
-#define ifr        (L.ifr       )
-#define timeout_ms (L.timeout_ms)
-#define conflicts  (L.conflicts )
-#define nprobes    (L.nprobes   )
-#define nclaims    (L.nclaims   )
-#define ready      (L.ready     )
-#define verbose    (L.verbose   )
+#define null_ethaddr (L.null_ethaddr)
+#define ifr          (L.ifr         )
+#define chosen_nip   (L.chosen_nip  )
+#define conflicts    (L.conflicts   )
+#define timeout_ms   (L.timeout_ms  )
+#define verbose      (L.verbose     )
 
     memset(&L, 0, sizeof(L));
@@ -229 +231 @@
 #define FOREGROUND (opts & 1)
 #define QUIT       (opts & 2)
-    // parse commandline: prog [options] ifname script
+    // Parse commandline: prog [options] ifname script
     // exactly 2 args; -v accumulates and implies -f
     opt_complementary = "=2:vv:vf";
-    opts = getopt32(argv, "fqr:v", &r_opt, &verbose);
+    opts = getopt32(argv, "fqr:l:v", &r_opt, &l_opt, &verbose);
 #if !BB_MMU
     // on NOMMU reexec early (or else we will rerun things twice)
@@ -238 +240 @@
         bb_daemonize_or_rexec(0 /*was: DAEMON_CHDIR_ROOT*/, argv);
 #endif
-    // open an ARP socket
+    // Open an ARP socket
     // (need to do it before openlog to prevent openlog from taking
     // fd 3 (sock_fd==3))
@@ -247 +249 @@
         logmode |= LOGMODE_SYSLOG;
     }
+    bb_logenv_override();
+
+    { // -l n.n.n.n
+        struct in_addr net;
+        if (inet_aton(l_opt, &net) == 0
+         || (net.s_addr & htonl(IN_CLASSB_NET)) != net.s_addr
+        ) {
+            bb_error_msg_and_die("invalid network address");
+        }
+        G.localnet_ip = ntohl(net.s_addr);
+    }
     if (opts & 4) { // -r n.n.n.n
+        struct in_addr ip;
         if (inet_aton(r_opt, &ip) == 0
-         || (ntohl(ip.s_addr) & IN_CLASSB_NET) != LINKLOCAL_ADDR
+         || (ntohl(ip.s_addr) & IN_CLASSB_NET) != G.localnet_ip
         ) {
             bb_error_msg_and_die("invalid link address");
         }
+        chosen_nip = ip.s_addr;
     }
     argv += optind - 1;
@@ -265 +280 @@
     xsetenv("interface", argv_intf);
 
-    // initialize the interface (modprobe, ifup, etc)
-    if (run(argv, "init", NULL))
+    // Initialize the interface (modprobe, ifup, etc)
+    if (run(argv, "init", 0))
         return EXIT_FAILURE;
 
-    // initialize saddr
-    // saddr is: { u16 sa_family; u8 sa_data[14]; }
-    //memset(&saddr, 0, sizeof(saddr));
+    // Initialize G.iface_sockaddr
+    // G.iface_sockaddr is: { u16 sa_family; u8 sa_data[14]; }
+    //memset(&G.iface_sockaddr, 0, sizeof(G.iface_sockaddr));
     //TODO: are we leaving sa_family == 0 (AF_UNSPEC)?!
-    safe_strncpy(saddr.sa_data, argv_intf, sizeof(saddr.sa_data));
-
-    // bind to the interface's ARP socket
-    xbind(sock_fd, &saddr, sizeof(saddr));
-
-    // get the interface's ethernet address
+    safe_strncpy(G.iface_sockaddr.sa_data, argv_intf, sizeof(G.iface_sockaddr.sa_data));
+
+    // Bind to the interface's ARP socket
+    xbind(sock_fd, &G.iface_sockaddr, sizeof(G.iface_sockaddr));
+
+    // Get the interface's ethernet address
     //memset(&ifr, 0, sizeof(ifr));
     strncpy_IFNAMSIZ(ifr.ifr_name, argv_intf);
     xioctl(sock_fd, SIOCGIFHWADDR, &ifr);
-    memcpy(&eth_addr, &ifr.ifr_hwaddr.sa_data, ETH_ALEN);
-
-    // start with some stable ip address, either a function of
+    memcpy(&G.our_ethaddr, &ifr.ifr_hwaddr.sa_data, ETH_ALEN);
+
+    // Start with some stable ip address, either a function of
     // the hardware address or else the last address we used.
     // we are taking low-order four bytes, as top-order ones
@@ -292 +307 @@
     {
         uint32_t t;
-        move_from_unaligned32(t, ((char *)&eth_addr + 2));
+        move_from_unaligned32(t, ((char *)&G.our_ethaddr + 2));
         srand(t);
     }
-    if (ip.s_addr == 0)
-        ip.s_addr = pick();
-
     // FIXME cases to handle:
     //  - zcip already running!
     //  - link already has local address... just defend/update
 
-    // daemonize now; don't delay system startup
+    // Daemonize now; don't delay system startup
     if (!FOREGROUND) {
 #if BB_MMU
         bb_daemonize(0 /*was: DAEMON_CHDIR_ROOT*/);
 #endif
-        bb_info_msg("start, interface %s", argv_intf);
-    }
-
-    // run the dynamic address negotiation protocol,
+        bb_error_msg("start, interface %s", argv_intf);
+    }
+
+    // Run the dynamic address negotiation protocol,
     // restarting after address conflicts:
     //  - start with some address we want to try
     //  - short random delay
     //  - arp probes to see if another host uses it
+    //    00:04:e2:64:23:c2 > ff:ff:ff:ff:ff:ff arp who-has 169.254.194.171 tell 0.0.0.0
     //  - arp announcements that we're claiming it
+    //    00:04:e2:64:23:c2 > ff:ff:ff:ff:ff:ff arp who-has 169.254.194.171 (00:04:e2:64:23:c2) tell 169.254.194.171
     //  - use it
     //  - defend it, within limits
@@ -323 +337 @@
     // - poll error (when does this happen?)
     // - read error (when does this happen?)
-    // - sendto error (in arp()) (when does this happen?)
+    // - sendto error (in send_arp_request()) (when does this happen?)
     // - revents & POLLERR (link down). run "<script> deconfig" first
+    if (chosen_nip == 0) {
+ new_nip_and_PROBE:
+        chosen_nip = pick_nip();
+    }
+    nsent = 0;
     state = PROBE;
     while (1) {
         struct pollfd fds[1];
-        unsigned deadline_us;
+        unsigned deadline_us = deadline_us;
         struct arp_packet p;
-        int source_ip_conflict;
-        int target_ip_conflict;
+        int ip_conflict;
+        int n;
 
         fds[0].fd = sock_fd;
@@ -337 +356 @@
         fds[0].revents = 0;
 
-        // poll, being ready to adjust current timeout
+        // Poll, being ready to adjust current timeout
         if (!timeout_ms) {
             timeout_ms = random_delay_ms(PROBE_WAIT);
@@ -344 +363 @@
             // ones we'd care about.
         }
-        // set deadline_us to the point in time when we timeout
-        deadline_us = MONOTONIC_US() + timeout_ms * 1000;
-
-        VDBG("...wait %d %s nprobes=%u, nclaims=%u\n",
-                timeout_ms, argv_intf, nprobes, nclaims);
-
-        switch (safe_poll(fds, 1, timeout_ms)) {
-
-        default:
+        if (timeout_ms >= 0) {
+            // Set deadline_us to the point in time when we timeout
+            deadline_us = MONOTONIC_US() + timeout_ms * 1000;
+        }
+
+        VDBG("...wait %d %s nsent=%u\n",
+                timeout_ms, argv_intf, nsent);
+
+        n = safe_poll(fds, 1, timeout_ms);
+        if (n < 0) {
             //bb_perror_msg("poll"); - done in safe_poll
             return EXIT_FAILURE;
-
-        // timeout
-        case 0:
-            VDBG("state = %d\n", state);
+        }
+        if (n == 0) { // timed out?
+            VDBG("state:%d\n", state);
             switch (state) {
             case PROBE:
-                // timeouts in the PROBE state mean no conflicting ARP packets
-                // have been received, so we can progress through the states
-                if (nprobes < PROBE_NUM) {
-                    nprobes++;
+                // No conflicting ARP packets were seen:
+                // we can progress through the states
+                if (nsent < PROBE_NUM) {
+                    nsent++;
                     VDBG("probe/%u %s@%s\n",
-                            nprobes, argv_intf, inet_ntoa(ip));
-                    arp(/* ARPOP_REQUEST, */
-                            /* &eth_addr, */ null_ip,
-                            &null_addr, ip);
+                            nsent, argv_intf, nip_to_a(chosen_nip));
                     timeout_ms = PROBE_MIN * 1000;
                     timeout_ms += random_delay_ms(PROBE_MAX - PROBE_MIN);
+                    send_arp_request(0, &null_ethaddr, chosen_nip);
+                    continue;
                 }
-                else {
-                    // Switch to announce state.
-                    state = ANNOUNCE;
-                    nclaims = 0;
+                // Switch to announce state
+                nsent = 0;
+                state = ANNOUNCE;
+                goto send_announce;
+            case ANNOUNCE:
+                // No conflicting ARP packets were seen:
+                // we can progress through the states
+                if (nsent < ANNOUNCE_NUM) {
+ send_announce:
+                    nsent++;
                     VDBG("announce/%u %s@%s\n",
-                            nclaims, argv_intf, inet_ntoa(ip));
-                    arp(/* ARPOP_REQUEST, */
-                            /* &eth_addr, */ ip,
-                            &eth_addr, ip);
+                            nsent, argv_intf, nip_to_a(chosen_nip));
                     timeout_ms = ANNOUNCE_INTERVAL * 1000;
+                    send_arp_request(chosen_nip, &G.our_ethaddr, chosen_nip);
+                    continue;
                 }
-                break;
-            case RATE_LIMIT_PROBE:
-                // timeouts in the RATE_LIMIT_PROBE state mean no conflicting ARP packets
-                // have been received, so we can move immediately to the announce state
-                state = ANNOUNCE;
-                nclaims = 0;
-                VDBG("announce/%u %s@%s\n",
-                        nclaims, argv_intf, inet_ntoa(ip));
-                arp(/* ARPOP_REQUEST, */
-                        /* &eth_addr, */ ip,
-                        &eth_addr, ip);
-                timeout_ms = ANNOUNCE_INTERVAL * 1000;
-                break;
-            case ANNOUNCE:
-                // timeouts in the ANNOUNCE state mean no conflicting ARP packets
-                // have been received, so we can progress through the states
-                if (nclaims < ANNOUNCE_NUM) {
-                    nclaims++;
-                    VDBG("announce/%u %s@%s\n",
-                            nclaims, argv_intf, inet_ntoa(ip));
-                    arp(/* ARPOP_REQUEST, */
-                            /* &eth_addr, */ ip,
-                            &eth_addr, ip);
-                    timeout_ms = ANNOUNCE_INTERVAL * 1000;
-                }
-                else {
-                    // Switch to monitor state.
-                    state = MONITOR;
-                    // link is ok to use earlier
-                    // FIXME update filters
-                    run(argv, "config", &ip);
-                    ready = 1;
-                    conflicts = 0;
-                    timeout_ms = -1; // Never timeout in the monitor state.
-
-                    // NOTE: all other exit paths
-                    // should deconfig ...
-                    if (QUIT)
-                        return EXIT_SUCCESS;
-                }
-                break;
-            case DEFEND:
-                // We won!  No ARP replies, so just go back to monitor.
+                // Switch to monitor state
+                // FIXME update filters
+                run(argv, "config", chosen_nip);
+                // NOTE: all other exit paths should deconfig...
+                if (QUIT)
+                    return EXIT_SUCCESS;
+                // fall through: switch to MONITOR
+            default:
+            // case DEFEND:
+            // case MONITOR: (shouldn't happen, MONITOR timeout is infinite)
+                // Defend period ended with no ARP replies - we won
+                timeout_ms = -1; // never timeout in monitor state
                 state = MONITOR;
-                timeout_ms = -1;
-                conflicts = 0;
-                break;
-            default:
-                // Invalid, should never happen.  Restart the whole protocol.
-                state = PROBE;
-                ip.s_addr = pick();
-                timeout_ms = 0;
-                nprobes = 0;
-                nclaims = 0;
-                break;
-            } // switch (state)
-            break; // case 0 (timeout)
-
-        // packets arriving, or link went down
-        case 1:
-            // We need to adjust the timeout in case we didn't receive
-            // a conflicting packet.
-            if (timeout_ms > 0) {
-                unsigned diff = deadline_us - MONOTONIC_US();
-                if ((int)(diff) < 0) {
-                    // Current time is greater than the expected timeout time.
-                    // Should never happen.
-                    VDBG("missed an expected timeout\n");
-                    timeout_ms = 0;
-                } else {
-                    VDBG("adjusting timeout\n");
-                    timeout_ms = (diff / 1000) | 1; /* never 0 */
-                }
-            }
-
-            if ((fds[0].revents & POLLIN) == 0) {
-                if (fds[0].revents & POLLERR) {
-                    // FIXME: links routinely go down;
-                    // this shouldn't necessarily exit.
-                    bb_error_msg("iface %s is down", argv_intf);
-                    if (ready) {
-                        run(argv, "deconfig", &ip);
-                    }
-                    return EXIT_FAILURE;
-                }
                 continue;
             }
-
-            // read ARP packet
-            if (safe_read(sock_fd, &p, sizeof(p)) < 0) {
-                bb_perror_msg_and_die(bb_msg_read_error);
+        }
+
+        // Packet arrived, or link went down.
+        // We need to adjust the timeout in case we didn't receive
+        // a conflicting packet.
+        if (timeout_ms > 0) {
+            unsigned diff = deadline_us - MONOTONIC_US();
+            if ((int)(diff) < 0) {
+                // Current time is greater than the expected timeout time.
+                diff = 0;
             }
-            if (p.eth.ether_type != htons(ETHERTYPE_ARP))
-                continue;
+            VDBG("adjusting timeout\n");
+            timeout_ms = (diff / 1000) | 1; // never 0
+        }
+
+        if ((fds[0].revents & POLLIN) == 0) {
+            if (fds[0].revents & POLLERR) {
+                // FIXME: links routinely go down;
+                // this shouldn't necessarily exit.
+                bb_error_msg("iface %s is down", argv_intf);
+                if (state >= MONITOR) {
+                    // Only if we are in MONITOR or DEFEND
+                    run(argv, "deconfig", chosen_nip);
+                }
+                return EXIT_FAILURE;
+            }
+            continue;
+        }
+
+        // Read ARP packet
+        if (safe_read(sock_fd, &p, sizeof(p)) < 0) {
+            bb_perror_msg_and_die(bb_msg_read_error);
+        }
+
+        if (p.eth.ether_type != htons(ETHERTYPE_ARP))
+            continue;
+        if (p.arp.arp_op != htons(ARPOP_REQUEST)
+         && p.arp.arp_op != htons(ARPOP_REPLY)
+        ) {
+            continue;
+        }
 #ifdef DEBUG
-            {
-                struct ether_addr *sha = (struct ether_addr *) p.arp.arp_sha;
-                struct ether_addr *tha = (struct ether_addr *) p.arp.arp_tha;
-                struct in_addr *spa = (struct in_addr *) p.arp.arp_spa;
-                struct in_addr *tpa = (struct in_addr *) p.arp.arp_tpa;
-                VDBG("%s recv arp type=%d, op=%d,\n",
-                    argv_intf, ntohs(p.eth.ether_type),
-                    ntohs(p.arp.arp_op));
-                VDBG("\tsource=%s %s\n",
-                    ether_ntoa(sha),
-                    inet_ntoa(*spa));
-                VDBG("\ttarget=%s %s\n",
-                    ether_ntoa(tha),
-                    inet_ntoa(*tpa));
-            }
+        {
+            struct ether_addr *sha = (struct ether_addr *) p.arp.arp_sha;
+            struct ether_addr *tha = (struct ether_addr *) p.arp.arp_tha;
+            struct in_addr *spa = (struct in_addr *) p.arp.arp_spa;
+            struct in_addr *tpa = (struct in_addr *) p.arp.arp_tpa;
+            VDBG("source=%s %s\n", ether_ntoa(sha), inet_ntoa(*spa));
+            VDBG("target=%s %s\n", ether_ntoa(tha), inet_ntoa(*tpa));
+        }
 #endif
-            if (p.arp.arp_op != htons(ARPOP_REQUEST)
-             && p.arp.arp_op != htons(ARPOP_REPLY))
-                continue;
-
-            source_ip_conflict = 0;
-            target_ip_conflict = 0;
-
-            if (memcmp(p.arp.arp_spa, &ip.s_addr, sizeof(struct in_addr)) == 0
-             && memcmp(&p.arp.arp_sha, &eth_addr, ETH_ALEN) != 0
-            ) {
-                source_ip_conflict = 1;
+        ip_conflict = 0;
+        if (memcmp(&p.arp.arp_sha, &G.our_ethaddr, ETH_ALEN) != 0) {
+            if (memcmp(p.arp.arp_spa, &chosen_nip, 4) == 0) {
+                // A probe or reply with source_ip == chosen ip
+                ip_conflict = 1;
             }
             if (p.arp.arp_op == htons(ARPOP_REQUEST)
-             && memcmp(p.arp.arp_tpa, &ip.s_addr, sizeof(struct in_addr)) == 0
-             && memcmp(&p.arp.arp_tha, &eth_addr, ETH_ALEN) != 0
+             && memcmp(p.arp.arp_spa, &const_int_0, 4) == 0
+             && memcmp(p.arp.arp_tpa, &chosen_nip, 4) == 0
             ) {
-                target_ip_conflict = 1;
+                // A probe with source_ip == 0.0.0.0, target_ip == chosen ip:
+                // another host trying to claim this ip!
+                ip_conflict |= 2;
             }
-
-            VDBG("state = %d, source ip conflict = %d, target ip conflict = %d\n",
-                state, source_ip_conflict, target_ip_conflict);
-            switch (state) {
-            case PROBE:
-            case ANNOUNCE:
-                // When probing or announcing, check for source IP conflicts
-                // and other hosts doing ARP probes (target IP conflicts).
-                if (source_ip_conflict || target_ip_conflict) {
-                    conflicts++;
-                    if (conflicts >= MAX_CONFLICTS) {
-                        VDBG("%s ratelimit\n", argv_intf);
-                        timeout_ms = RATE_LIMIT_INTERVAL * 1000;
-                        state = RATE_LIMIT_PROBE;
-                    }
-
-                    // restart the whole protocol
-                    ip.s_addr = pick();
-                    timeout_ms = 0;
-                    nprobes = 0;
-                    nclaims = 0;
-                }
-                break;
-            case MONITOR:
-                // If a conflict, we try to defend with a single ARP probe.
-                if (source_ip_conflict) {
-                    VDBG("monitor conflict -- defending\n");
-                    state = DEFEND;
-                    timeout_ms = DEFEND_INTERVAL * 1000;
-                    arp(/* ARPOP_REQUEST, */
-                        /* &eth_addr, */ ip,
-                        &eth_addr, ip);
-                }
-                break;
-            case DEFEND:
-                // Well, we tried.  Start over (on conflict).
-                if (source_ip_conflict) {
-                    state = PROBE;
-                    VDBG("defend conflict -- starting over\n");
-                    ready = 0;
-                    run(argv, "deconfig", &ip);
-
-                    // restart the whole protocol
-                    ip.s_addr = pick();
-                    timeout_ms = 0;
-                    nprobes = 0;
-                    nclaims = 0;
-                }
-                break;
-            default:
-                // Invalid, should never happen.  Restart the whole protocol.
-                VDBG("invalid state -- starting over\n");
-                state = PROBE;
-                ip.s_addr = pick();
-                timeout_ms = 0;
-                nprobes = 0;
-                nclaims = 0;
-                break;
-            } // switch state
-            break; // case 1 (packets arriving)
-        } // switch poll
+        }
+        VDBG("state:%d ip_conflict:%d\n", state, ip_conflict);
+        if (!ip_conflict)
+            continue;
+
+        // Either src or target IP conflict exists
+        if (state <= ANNOUNCE) {
+            // PROBE or ANNOUNCE
+            conflicts++;
+            timeout_ms = PROBE_MIN * 1000
+                + CONFLICT_MULTIPLIER * random_delay_ms(conflicts);
+            goto new_nip_and_PROBE;
+        }
+
+        // MONITOR or DEFEND: only src IP conflict is a problem
+        if (ip_conflict & 1) {
+            if (state == MONITOR) {
+                // Src IP conflict, defend with a single ARP probe
+                VDBG("monitor conflict - defending\n");
+                timeout_ms = DEFEND_INTERVAL * 1000;
+                state = DEFEND;
+                send_arp_request(chosen_nip, &G.our_ethaddr, chosen_nip);
+                continue;
+            }
+            // state == DEFEND
+            // Another src IP conflict, start over
+            VDBG("defend conflict - starting over\n");
+            run(argv, "deconfig", chosen_nip);
+            conflicts = 0;
+            timeout_ms = 0;
+            goto new_nip_and_PROBE;
+        }
+        // Note: if we only have a target IP conflict here (ip_conflict & 2),
+        // IOW: if we just saw this sort of ARP packet:
+        //  aa:bb:cc:dd:ee:ff > xx:xx:xx:xx:xx:xx arp who-has <chosen_nip> tell 0.0.0.0
+        // we expect _kernel_ to respond to that, because <chosen_nip>
+        // is (expected to be) configured on this iface.
     } // while (1)
 #undef argv_intf