From: Simon Horman <horms@verge.net.au>
To: lvs-devel@vger.kernel.org, netdev@vger.kernel.org,
netfilter@vger.kernel.org, netfilter-devel@vger.kernel.org
Cc: Jan Engelhardt <jengelh@medozas.de>,
Stephen Hemminger <shemminger@vyatta.com>,
Wensong Zhang <wensong@linux-vs.org>,
Julian Anastasov <ja@ssi.bg>, Patrick McHardy <kaber@trash.net>
Subject: [patch v1 11/12] IPVS: Fallback if persistence engine fails
Date: Sun, 22 Aug 2010 21:45:08 +0900 [thread overview]
Message-ID: <20100822124900.505995463@vergenet.net> (raw)
In-Reply-To: 20100822124457.339517323@vergenet.net
[-- Attachment #1: pe-fallback.patch --]
[-- Type: text/plain, Size: 2929 bytes --]
Fall back to normal persistence handling if the persistence
engine fails to recognise a packet.
This way, at least the packet will go somewhere.
It is envisaged that iptables could be used to block packets
such if this is not desired although nf_conntrack_sip would
likely need to be enhanced first.
Signed-off-by: Simon Horman <horms@verge.net.au>
Index: nf-next-2.6/net/netfilter/ipvs/ip_vs_conn.c
===================================================================
--- nf-next-2.6.orig/net/netfilter/ipvs/ip_vs_conn.c 2010-07-27 22:10:18.000000000 +0900
+++ nf-next-2.6/net/netfilter/ipvs/ip_vs_conn.c 2010-07-27 22:12:05.000000000 +0900
@@ -150,7 +150,7 @@ static unsigned int ip_vs_conn_hashkey(i
static unsigned int ip_vs_conn_hashkey_param(const struct ip_vs_conn_param *p)
{
- if (p->pe && p->pe->hashkey_raw)
+ if (p->pe_data && p->pe->hashkey_raw)
return p->pe->hashkey_raw(p, ip_vs_conn_rnd) &
ip_vs_conn_tab_mask;
return ip_vs_conn_hashkey(p->af, p->protocol, p->caddr, p->cport);
@@ -340,7 +340,7 @@ struct ip_vs_conn *ip_vs_ct_in_get(const
ct_read_lock(hash);
list_for_each_entry(cp, &ip_vs_conn_tab[hash], c_list) {
- if (p->pe && p->pe->ct_match) {
+ if (p->pe_data && p->pe->ct_match) {
if (p->pe->ct_match(p, cp))
goto out;
continue;
@@ -927,7 +927,7 @@ static int ip_vs_conn_seq_show(struct se
char pe_data[IP_VS_PENAME_MAXLEN + IP_VS_PEDATA_MAXLEN + 3];
size_t len = 0;
- if (cp->dest->svc->pe && cp->dest->svc->pe->show_pe_data) {
+ if (cp->pe_data && cp->dest->svc->pe->show_pe_data) {
pe_data[0] = ' ';
len = strlen(cp->dest->svc->pe->name);
memcpy(pe_data + 1, cp->dest->svc->pe->name, len);
Index: nf-next-2.6/net/netfilter/ipvs/ip_vs_core.c
===================================================================
--- nf-next-2.6.orig/net/netfilter/ipvs/ip_vs_core.c 2010-07-27 22:10:18.000000000 +0900
+++ nf-next-2.6/net/netfilter/ipvs/ip_vs_core.c 2010-07-27 22:12:05.000000000 +0900
@@ -175,7 +175,7 @@ ip_vs_set_state(struct ip_vs_conn *cp, i
return pp->state_transition(cp, direction, skb, pp);
}
-static inline int
+static inline void
ip_vs_conn_fill_param_persist(const struct ip_vs_service *svc,
struct sk_buff *skb, int protocol,
const union nf_inet_addr *caddr, __be16 cport,
@@ -185,8 +185,7 @@ ip_vs_conn_fill_param_persist(const stru
ip_vs_conn_fill_param(svc->af, protocol, caddr, cport, vaddr, vport, p);
p->pe = svc->pe;
if (p->pe && p->pe->fill_param)
- return p->pe->fill_param(p, skb);
- return 0;
+ p->pe->fill_param(p, skb);
}
/*
@@ -267,9 +266,8 @@ ip_vs_sched_persist(struct ip_vs_service
vaddr = &fwmark;
}
}
- if (ip_vs_conn_fill_param_persist(svc, skb, protocol, &snet, 0,
- vaddr, vport, ¶m))
- return NULL;
+ ip_vs_conn_fill_param_persist(svc, skb, protocol, &snet, 0,
+ vaddr, vport, ¶m);
}
/* Check if a template already exists */
next prev parent reply other threads:[~2010-08-22 12:45 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-08-22 12:44 [patch v1 00/12] IPVS: SIP Persistence Engine Simon Horman
2010-08-22 12:44 ` [patch v1 01/12] netfilter: nf_conntrack_sip: Allow ct_sip_get_header() to be called with a null ct argument Simon Horman
2010-08-22 12:44 ` [patch v1 02/12] netfilter: nf_conntrack_sip: Add callid parser Simon Horman
2010-08-22 12:45 ` [patch v1 03/12] IPVS: compact ip_vs_sched_persist() Simon Horman
2010-08-22 12:45 ` [patch v1 04/12] IPVS: Add struct ip_vs_conn_param Simon Horman
2010-08-22 12:45 ` [patch v1 05/12] IPVS: Allow null argument to ip_vs_scheduler_put() Simon Horman
2010-08-22 12:45 ` [patch v1 06/12] IPVS: ip_vs_{un,}bind_scheduler NULL arguments Simon Horman
2010-08-22 12:45 ` [patch v1 07/12] IPVS: Add struct ip_vs_pe Simon Horman
2010-08-22 12:45 ` [patch v1 08/12] IPVS: Add persistence engine data to /proc/net/ip_vs_conn Simon Horman
2010-08-22 12:45 ` [patch v1 09/12] IPVS: management of persistence engine modules Simon Horman
2010-08-22 12:45 ` [patch v1 10/12] IPVS: Allow configuration of persistence engines Simon Horman
2010-08-22 12:45 ` Simon Horman [this message]
2010-08-22 12:45 ` [patch v1 12/12] IPVS: sip persistence engine Simon Horman
2010-08-22 12:57 ` [patch v1 00/12] IPVS: SIP Persistence Engine Simon Horman
2010-09-16 8:12 ` Patrick McHardy
2010-09-17 2:52 ` Simon Horman
2010-09-17 11:53 ` Patrick McHardy
2010-09-18 12:52 ` Simon Horman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100822124900.505995463@vergenet.net \
--to=horms@verge.net.au \
--cc=ja@ssi.bg \
--cc=jengelh@medozas.de \
--cc=kaber@trash.net \
--cc=lvs-devel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=netfilter@vger.kernel.org \
--cc=shemminger@vyatta.com \
--cc=wensong@linux-vs.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox