From: Simon Horman <horms@verge.net.au>
To: lvs-devel@vger.kernel.org, netdev@vger.kernel.org,
netfilter@vger.kernel.org, netfilter-devel@vger.kernel.org
Cc: Jan Engelhardt <jengelh@medozas.de>,
Stephen Hemminger <shemminger@vyatta.com>,
Wensong Zhang <wensong@linux-vs.org>,
Julian Anastasov <ja@ssi.bg>, Patrick McHardy <kaber@trash.net>
Subject: [patch v1 11/12] IPVS: Fallback if persistence engine fails
Date: Sun, 22 Aug 2010 21:45:08 +0900 [thread overview]
Message-ID: <20100822124900.505995463@vergenet.net> (raw)
In-Reply-To: 20100822124457.339517323@vergenet.net
[-- Attachment #1: pe-fallback.patch --]
[-- Type: text/plain, Size: 2929 bytes --]
Fall back to normal persistence handling if the persistence
engine fails to recognise a packet.
This way, at least the packet will go somewhere.
It is envisaged that iptables could be used to block packets
such if this is not desired although nf_conntrack_sip would
likely need to be enhanced first.
Signed-off-by: Simon Horman <horms@verge.net.au>
Index: nf-next-2.6/net/netfilter/ipvs/ip_vs_conn.c
===================================================================
--- nf-next-2.6.orig/net/netfilter/ipvs/ip_vs_conn.c 2010-07-27 22:10:18.000000000 +0900
+++ nf-next-2.6/net/netfilter/ipvs/ip_vs_conn.c 2010-07-27 22:12:05.000000000 +0900
@@ -150,7 +150,7 @@ static unsigned int ip_vs_conn_hashkey(i
static unsigned int ip_vs_conn_hashkey_param(const struct ip_vs_conn_param *p)
{
- if (p->pe && p->pe->hashkey_raw)
+ if (p->pe_data && p->pe->hashkey_raw)
return p->pe->hashkey_raw(p, ip_vs_conn_rnd) &
ip_vs_conn_tab_mask;
return ip_vs_conn_hashkey(p->af, p->protocol, p->caddr, p->cport);
@@ -340,7 +340,7 @@ struct ip_vs_conn *ip_vs_ct_in_get(const
ct_read_lock(hash);
list_for_each_entry(cp, &ip_vs_conn_tab[hash], c_list) {
- if (p->pe && p->pe->ct_match) {
+ if (p->pe_data && p->pe->ct_match) {
if (p->pe->ct_match(p, cp))
goto out;
continue;
@@ -927,7 +927,7 @@ static int ip_vs_conn_seq_show(struct se
char pe_data[IP_VS_PENAME_MAXLEN + IP_VS_PEDATA_MAXLEN + 3];
size_t len = 0;
- if (cp->dest->svc->pe && cp->dest->svc->pe->show_pe_data) {
+ if (cp->pe_data && cp->dest->svc->pe->show_pe_data) {
pe_data[0] = ' ';
len = strlen(cp->dest->svc->pe->name);
memcpy(pe_data + 1, cp->dest->svc->pe->name, len);
Index: nf-next-2.6/net/netfilter/ipvs/ip_vs_core.c
===================================================================
--- nf-next-2.6.orig/net/netfilter/ipvs/ip_vs_core.c 2010-07-27 22:10:18.000000000 +0900
+++ nf-next-2.6/net/netfilter/ipvs/ip_vs_core.c 2010-07-27 22:12:05.000000000 +0900
@@ -175,7 +175,7 @@ ip_vs_set_state(struct ip_vs_conn *cp, i
return pp->state_transition(cp, direction, skb, pp);
}
-static inline int
+static inline void
ip_vs_conn_fill_param_persist(const struct ip_vs_service *svc,
struct sk_buff *skb, int protocol,
const union nf_inet_addr *caddr, __be16 cport,
@@ -185,8 +185,7 @@ ip_vs_conn_fill_param_persist(const stru
ip_vs_conn_fill_param(svc->af, protocol, caddr, cport, vaddr, vport, p);
p->pe = svc->pe;
if (p->pe && p->pe->fill_param)
- return p->pe->fill_param(p, skb);
- return 0;
+ p->pe->fill_param(p, skb);
}
/*
@@ -267,9 +266,8 @@ ip_vs_sched_persist(struct ip_vs_service
vaddr = &fwmark;
}
}
- if (ip_vs_conn_fill_param_persist(svc, skb, protocol, &snet, 0,
- vaddr, vport, ¶m))
- return NULL;
+ ip_vs_conn_fill_param_persist(svc, skb, protocol, &snet, 0,
+ vaddr, vport, ¶m);
}
/* Check if a template already exists */
next prev parent reply other threads:[~2010-08-22 12:45 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-08-22 12:44 [patch v1 00/12] IPVS: SIP Persistence Engine Simon Horman
2010-08-22 12:44 ` [patch v1 01/12] netfilter: nf_conntrack_sip: Allow ct_sip_get_header() to be called with a null ct argument Simon Horman
2010-08-22 12:44 ` [patch v1 02/12] netfilter: nf_conntrack_sip: Add callid parser Simon Horman
2010-08-22 12:45 ` [patch v1 03/12] IPVS: compact ip_vs_sched_persist() Simon Horman
2010-08-22 12:45 ` [patch v1 04/12] IPVS: Add struct ip_vs_conn_param Simon Horman
2010-08-22 12:45 ` [patch v1 05/12] IPVS: Allow null argument to ip_vs_scheduler_put() Simon Horman
2010-08-22 12:45 ` [patch v1 06/12] IPVS: ip_vs_{un,}bind_scheduler NULL arguments Simon Horman
2010-08-22 12:45 ` [patch v1 07/12] IPVS: Add struct ip_vs_pe Simon Horman
2010-08-22 12:45 ` [patch v1 08/12] IPVS: Add persistence engine data to /proc/net/ip_vs_conn Simon Horman
2010-08-22 12:45 ` [patch v1 09/12] IPVS: management of persistence engine modules Simon Horman
2010-08-22 12:45 ` [patch v1 10/12] IPVS: Allow configuration of persistence engines Simon Horman
2010-08-22 12:45 ` Simon Horman [this message]
2010-08-22 12:45 ` [patch v1 12/12] IPVS: sip persistence engine Simon Horman
2010-08-22 12:57 ` [patch v1 00/12] IPVS: SIP Persistence Engine Simon Horman
2010-09-16 8:12 ` Patrick McHardy
2010-09-17 2:52 ` Simon Horman
2010-09-17 11:53 ` Patrick McHardy
2010-09-18 12:52 ` Simon Horman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100822124900.505995463@vergenet.net \
--to=horms@verge.net.au \
--cc=ja@ssi.bg \
--cc=jengelh@medozas.de \
--cc=kaber@trash.net \
--cc=lvs-devel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=netfilter@vger.kernel.org \
--cc=shemminger@vyatta.com \
--cc=wensong@linux-vs.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.