diff options
author | Julian Anastasov <ja@ssi.bg> | 2010-10-17 09:21:07 -0400 |
---|---|---|
committer | Simon Horman <horms@verge.net.au> | 2010-10-21 04:50:20 -0400 |
commit | cf356d69db0afef692cd640917bc70f708c27f14 (patch) | |
tree | 1c1e0a277ba783066e639524bbdef0c19996e8c0 /include/net | |
parent | 8b27b10f5863a5b63e46304a71aa01463d1efac4 (diff) |
ipvs: switch to notrack mode
Change skb->ipvs_property semantic. This is preparation
to support ip_vs_out processing in LOCAL_OUT. ipvs_property=1
will be used to avoid expensive lookups for traffic sent by
transmitters. Now when conntrack support is not used we call
ip_vs_notrack method to avoid problems in OUTPUT and
POST_ROUTING hooks instead of exiting POST_ROUTING as before.
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/ip_vs.h | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index adcdba9dd183..0e4618470cee 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h | |||
@@ -25,7 +25,7 @@ | |||
25 | #include <linux/ip.h> | 25 | #include <linux/ip.h> |
26 | #include <linux/ipv6.h> /* for struct ipv6hdr */ | 26 | #include <linux/ipv6.h> /* for struct ipv6hdr */ |
27 | #include <net/ipv6.h> /* for ipv6_addr_copy */ | 27 | #include <net/ipv6.h> /* for ipv6_addr_copy */ |
28 | #ifdef CONFIG_IP_VS_NFCT | 28 | #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) |
29 | #include <net/netfilter/nf_conntrack.h> | 29 | #include <net/netfilter/nf_conntrack.h> |
30 | #endif | 30 | #endif |
31 | 31 | ||
@@ -1021,6 +1021,24 @@ static inline __wsum ip_vs_check_diff2(__be16 old, __be16 new, __wsum oldsum) | |||
1021 | return csum_partial(diff, sizeof(diff), oldsum); | 1021 | return csum_partial(diff, sizeof(diff), oldsum); |
1022 | } | 1022 | } |
1023 | 1023 | ||
1024 | /* | ||
1025 | * Forget current conntrack (unconfirmed) and attach notrack entry | ||
1026 | */ | ||
1027 | static inline void ip_vs_notrack(struct sk_buff *skb) | ||
1028 | { | ||
1029 | #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) | ||
1030 | enum ip_conntrack_info ctinfo; | ||
1031 | struct nf_conn *ct = ct = nf_ct_get(skb, &ctinfo); | ||
1032 | |||
1033 | if (!ct || !nf_ct_is_untracked(ct)) { | ||
1034 | nf_reset(skb); | ||
1035 | skb->nfct = &nf_ct_untracked_get()->ct_general; | ||
1036 | skb->nfctinfo = IP_CT_NEW; | ||
1037 | nf_conntrack_get(skb->nfct); | ||
1038 | } | ||
1039 | #endif | ||
1040 | } | ||
1041 | |||
1024 | #ifdef CONFIG_IP_VS_NFCT | 1042 | #ifdef CONFIG_IP_VS_NFCT |
1025 | /* | 1043 | /* |
1026 | * Netfilter connection tracking | 1044 | * Netfilter connection tracking |