From: Simon Horman <horms@verge.net.au>
To: netdev@vger.kernel.org, netfilter-devel@vger.kernel.org,
netfilter@vger.kernel.org, lvs-devel@vger.kernel.org
Cc: Eric Dumazet <eric.dumazet@gmail.com>,
Julian Anastasov <ja@ssi.bg>,
Hans Schillstrom <hans@schillstrom.com>,
Simon Horman <horms@verge.net.au>
Subject: [PATCH 07/20] IPVS: Add ip_vs_route_me_harder()
Date: Mon, 14 Mar 2011 12:45:33 +0900 [thread overview]
Message-ID: <1300074346-13799-8-git-send-email-horms@verge.net.au> (raw)
In-Reply-To: <1300074346-13799-1-git-send-email-horms@verge.net.au>
Add ip_vs_route_me_harder() to avoid repeating the same code twice.
Signed-off-by: Simon Horman <horms@verge.net.au>
---
net/netfilter/ipvs/ip_vs_core.c | 48 +++++++++++++++++---------------------
1 files changed, 22 insertions(+), 26 deletions(-)
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
index 6f4940e..299c7f3 100644
--- a/net/netfilter/ipvs/ip_vs_core.c
+++ b/net/netfilter/ipvs/ip_vs_core.c
@@ -631,6 +631,24 @@ static inline int ip_vs_gather_frags_v6(struct sk_buff *skb, u_int32_t user)
}
#endif
+static int ip_vs_route_me_harder(int af, struct sk_buff *skb)
+{
+ struct netns_ipvs *ipvs = net_ipvs(skb_net(skb));
+
+#ifdef CONFIG_IP_VS_IPV6
+ if (af == AF_INET6) {
+ if (ipvs->sysctl_snat_reroute && ip6_route_me_harder(skb) != 0)
+ return 1;
+ } else
+#endif
+ if ((ipvs->sysctl_snat_reroute ||
+ skb_rtable(skb)->rt_flags & RTCF_LOCAL) &&
+ ip_route_me_harder(skb, RTN_LOCAL) != 0)
+ return 1;
+
+ return 0;
+}
+
/*
* Packet has been made sufficiently writable in caller
* - inout: 1=in->out, 0=out->in
@@ -737,7 +755,6 @@ static int handle_response_icmp(int af, struct sk_buff *skb,
struct ip_vs_protocol *pp,
unsigned int offset, unsigned int ihl)
{
- struct netns_ipvs *ipvs;
unsigned int verdict = NF_DROP;
if (IP_VS_FWD_METHOD(cp) != 0) {
@@ -759,8 +776,6 @@ static int handle_response_icmp(int af, struct sk_buff *skb,
if (!skb_make_writable(skb, offset))
goto out;
- ipvs = net_ipvs(skb_net(skb));
-
#ifdef CONFIG_IP_VS_IPV6
if (af == AF_INET6)
ip_vs_nat_icmp_v6(skb, pp, cp, 1);
@@ -768,16 +783,8 @@ static int handle_response_icmp(int af, struct sk_buff *skb,
#endif
ip_vs_nat_icmp(skb, pp, cp, 1);
-#ifdef CONFIG_IP_VS_IPV6
- if (af == AF_INET6) {
- if (ipvs->sysctl_snat_reroute && ip6_route_me_harder(skb) != 0)
- goto out;
- } else
-#endif
- if ((ipvs->sysctl_snat_reroute ||
- skb_rtable(skb)->rt_flags & RTCF_LOCAL) &&
- ip_route_me_harder(skb, RTN_LOCAL) != 0)
- goto out;
+ if (ip_vs_route_me_harder(af, skb))
+ goto out;
/* do the statistics and put it back */
ip_vs_out_stats(cp, skb);
@@ -985,7 +992,6 @@ handle_response(int af, struct sk_buff *skb, struct ip_vs_proto_data *pd,
struct ip_vs_conn *cp, int ihl)
{
struct ip_vs_protocol *pp = pd->pp;
- struct netns_ipvs *ipvs;
IP_VS_DBG_PKT(11, af, pp, skb, 0, "Outgoing packet");
@@ -1021,18 +1027,8 @@ handle_response(int af, struct sk_buff *skb, struct ip_vs_proto_data *pd,
* if it came from this machine itself. So re-compute
* the routing information.
*/
- ipvs = net_ipvs(skb_net(skb));
-
-#ifdef CONFIG_IP_VS_IPV6
- if (af == AF_INET6) {
- if (ipvs->sysctl_snat_reroute && ip6_route_me_harder(skb) != 0)
- goto drop;
- } else
-#endif
- if ((ipvs->sysctl_snat_reroute ||
- skb_rtable(skb)->rt_flags & RTCF_LOCAL) &&
- ip_route_me_harder(skb, RTN_LOCAL) != 0)
- goto drop;
+ if (ip_vs_route_me_harder(af, skb))
+ goto drop;
IP_VS_DBG_PKT(10, af, pp, skb, 0, "After SNAT");
--
1.7.2.3
next prev parent reply other threads:[~2011-03-14 3:45 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-03-14 3:45 [patch v3 00/20] IPVS: Proposed Changes Simon Horman
2011-03-14 3:45 ` [PATCH 01/20] ipvs: move struct netns_ipvs Simon Horman
2011-03-14 3:45 ` [PATCH 02/20] ipvs: reorganize tot_stats Simon Horman
2011-03-14 4:28 ` Eric Dumazet
2011-03-14 9:21 ` Julian Anastasov
2011-03-14 3:45 ` [PATCH 03/20] ipvs: properly zero stats and rates Simon Horman
2011-03-14 4:09 ` Eric Dumazet
2011-03-14 3:45 ` [PATCH 04/20] ipvs: remove unused seqcount stats Simon Horman
2011-03-14 3:45 ` [PATCH 05/20] ipvs: optimize rates reading Simon Horman
2011-03-14 3:45 ` [PATCH 06/20] ipvs: rename estimator functions Simon Horman
2011-03-14 3:45 ` Simon Horman [this message]
2011-03-14 3:45 ` [PATCH 08/20] IPVS: Add sysctl_snat_reroute() Simon Horman
2011-03-14 3:45 ` [PATCH 09/20] IPVS: Add sysctl_nat_icmp_send() Simon Horman
2011-03-14 3:45 ` [PATCH 10/20] IPVS: Add {sysctl_sync_threshold,period}() Simon Horman
2011-03-14 3:45 ` [PATCH 11/20] IPVS: Add sysctl_sync_ver() Simon Horman
2011-03-14 3:45 ` [PATCH 12/20] IPVS: Add sysctl_expire_nodest_conn() Simon Horman
2011-03-14 3:45 ` [PATCH 13/20] IPVS: Add expire_quiescent_template() Simon Horman
2011-03-14 3:45 ` [PATCH 14/20] IPVS: Conditinally use sysctl_lblc{r}_expiration Simon Horman
2011-03-14 3:45 ` [PATCH 15/20] IPVS: ip_vs_todrop() becomes a noop when CONFIG_SYSCTL is undefined Simon Horman
2011-03-14 3:45 ` [PATCH 16/20] IPVS: Conditional ip_vs_conntrack_enabled() Simon Horman
2011-03-14 3:45 ` [PATCH 17/20] IPVS: Minimise ip_vs_leave when CONFIG_SYSCTL is undefined Simon Horman
2011-03-14 3:45 ` [PATCH 18/20] IPVS: Conditionally define and use ip_vs_lblc{r}_table Simon Horman
2011-03-14 3:45 ` [PATCH 19/20] IPVS: Add __ip_vs_control_{init,cleanup}_sysctl() Simon Horman
2011-03-14 3:45 ` [PATCH 20/20] IPVS: Conditionally include sysctl members of struct netns_ipvs Simon Horman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1300074346-13799-8-git-send-email-horms@verge.net.au \
--to=horms@verge.net.au \
--cc=eric.dumazet@gmail.com \
--cc=hans@schillstrom.com \
--cc=ja@ssi.bg \
--cc=lvs-devel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).