diff options
| author | Julius Volz <juliusv@google.com> | 2008-08-22 08:06:12 -0400 |
|---|---|---|
| committer | Simon Horman <horms@verge.net.au> | 2008-08-26 23:50:35 -0400 |
| commit | 409a19669e4cd8d1bab7dff31d3b6aa493ff60f0 (patch) | |
| tree | c06b390d5ab22d36830217342907d794d0f519b7 /net | |
| parent | f728bafb5698076dd35bca35ee6cfe52ea1b8ab2 (diff) | |
IPVS: Integrate ESP protocol into ip_vs_proto_ah.c
Rename all ah_* functions to ah_esp_* (and adjust comments). Move ESP
protocol definition into ip_vs_proto_ah.c and remove all usage of
ip_vs_proto_esp.c.
Make the compilation of ip_vs_proto_ah.c dependent on a new config
variable, IP_VS_PROTO_AH_ESP, which is selected either by
IP_VS_PROTO_ESP or IP_VS_PROTO_AH. Only compile the selected protocols'
structures within this file.
Signed-off-by: Julius Volz <juliusv@google.com>
Signed-off-by: Simon Horman <horms@verge.net.au>
Diffstat (limited to 'net')
| -rw-r--r-- | net/ipv4/ipvs/Kconfig | 6 | ||||
| -rw-r--r-- | net/ipv4/ipvs/Makefile | 3 | ||||
| -rw-r--r-- | net/ipv4/ipvs/ip_vs_proto_ah.c | 69 |
3 files changed, 54 insertions, 24 deletions
diff --git a/net/ipv4/ipvs/Kconfig b/net/ipv4/ipvs/Kconfig index 09d0c3f35669..2e48a7e27223 100644 --- a/net/ipv4/ipvs/Kconfig +++ b/net/ipv4/ipvs/Kconfig | |||
| @@ -71,14 +71,20 @@ config IP_VS_PROTO_UDP | |||
| 71 | This option enables support for load balancing UDP transport | 71 | This option enables support for load balancing UDP transport |
| 72 | protocol. Say Y if unsure. | 72 | protocol. Say Y if unsure. |
| 73 | 73 | ||
| 74 | config IP_VS_PROTO_AH_ESP | ||
| 75 | bool | ||
| 76 | depends on UNDEFINED | ||
| 77 | |||
| 74 | config IP_VS_PROTO_ESP | 78 | config IP_VS_PROTO_ESP |
| 75 | bool "ESP load balancing support" | 79 | bool "ESP load balancing support" |
| 80 | select IP_VS_PROTO_AH_ESP | ||
| 76 | ---help--- | 81 | ---help--- |
| 77 | This option enables support for load balancing ESP (Encapsulation | 82 | This option enables support for load balancing ESP (Encapsulation |
| 78 | Security Payload) transport protocol. Say Y if unsure. | 83 | Security Payload) transport protocol. Say Y if unsure. |
| 79 | 84 | ||
| 80 | config IP_VS_PROTO_AH | 85 | config IP_VS_PROTO_AH |
| 81 | bool "AH load balancing support" | 86 | bool "AH load balancing support" |
| 87 | select IP_VS_PROTO_AH_ESP | ||
| 82 | ---help--- | 88 | ---help--- |
| 83 | This option enables support for load balancing AH (Authentication | 89 | This option enables support for load balancing AH (Authentication |
| 84 | Header) transport protocol. Say Y if unsure. | 90 | Header) transport protocol. Say Y if unsure. |
diff --git a/net/ipv4/ipvs/Makefile b/net/ipv4/ipvs/Makefile index 30e85de9ffff..cda3e0860d69 100644 --- a/net/ipv4/ipvs/Makefile +++ b/net/ipv4/ipvs/Makefile | |||
| @@ -6,8 +6,7 @@ | |||
| 6 | ip_vs_proto-objs-y := | 6 | ip_vs_proto-objs-y := |
| 7 | ip_vs_proto-objs-$(CONFIG_IP_VS_PROTO_TCP) += ip_vs_proto_tcp.o | 7 | ip_vs_proto-objs-$(CONFIG_IP_VS_PROTO_TCP) += ip_vs_proto_tcp.o |
| 8 | ip_vs_proto-objs-$(CONFIG_IP_VS_PROTO_UDP) += ip_vs_proto_udp.o | 8 | ip_vs_proto-objs-$(CONFIG_IP_VS_PROTO_UDP) += ip_vs_proto_udp.o |
| 9 | ip_vs_proto-objs-$(CONFIG_IP_VS_PROTO_ESP) += ip_vs_proto_esp.o | 9 | ip_vs_proto-objs-$(CONFIG_IP_VS_PROTO_AH_ESP) += ip_vs_proto_ah.o |
| 10 | ip_vs_proto-objs-$(CONFIG_IP_VS_PROTO_AH) += ip_vs_proto_ah.o | ||
| 11 | 10 | ||
| 12 | ip_vs-objs := ip_vs_conn.o ip_vs_core.o ip_vs_ctl.o ip_vs_sched.o \ | 11 | ip_vs-objs := ip_vs_conn.o ip_vs_core.o ip_vs_ctl.o ip_vs_sched.o \ |
| 13 | ip_vs_xmit.o ip_vs_app.o ip_vs_sync.o \ | 12 | ip_vs_xmit.o ip_vs_app.o ip_vs_sync.o \ |
diff --git a/net/ipv4/ipvs/ip_vs_proto_ah.c b/net/ipv4/ipvs/ip_vs_proto_ah.c index 73e0ea87c1f5..3f9ebd7639ae 100644 --- a/net/ipv4/ipvs/ip_vs_proto_ah.c +++ b/net/ipv4/ipvs/ip_vs_proto_ah.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* | 1 | /* |
| 2 | * ip_vs_proto_ah.c: AH IPSec load balancing support for IPVS | 2 | * ip_vs_proto_ah_esp.c: AH/ESP IPSec load balancing support for IPVS |
| 3 | * | 3 | * |
| 4 | * Authors: Julian Anastasov <ja@ssi.bg>, February 2002 | 4 | * Authors: Julian Anastasov <ja@ssi.bg>, February 2002 |
| 5 | * Wensong Zhang <wensong@linuxvirtualserver.org> | 5 | * Wensong Zhang <wensong@linuxvirtualserver.org> |
| @@ -39,11 +39,11 @@ struct isakmp_hdr { | |||
| 39 | 39 | ||
| 40 | 40 | ||
| 41 | static struct ip_vs_conn * | 41 | static struct ip_vs_conn * |
| 42 | ah_conn_in_get(const struct sk_buff *skb, | 42 | ah_esp_conn_in_get(const struct sk_buff *skb, |
| 43 | struct ip_vs_protocol *pp, | 43 | struct ip_vs_protocol *pp, |
| 44 | const struct iphdr *iph, | 44 | const struct iphdr *iph, |
| 45 | unsigned int proto_off, | 45 | unsigned int proto_off, |
| 46 | int inverse) | 46 | int inverse) |
| 47 | { | 47 | { |
| 48 | struct ip_vs_conn *cp; | 48 | struct ip_vs_conn *cp; |
| 49 | 49 | ||
| @@ -79,8 +79,8 @@ ah_conn_in_get(const struct sk_buff *skb, | |||
| 79 | 79 | ||
| 80 | 80 | ||
| 81 | static struct ip_vs_conn * | 81 | static struct ip_vs_conn * |
| 82 | ah_conn_out_get(const struct sk_buff *skb, struct ip_vs_protocol *pp, | 82 | ah_esp_conn_out_get(const struct sk_buff *skb, struct ip_vs_protocol *pp, |
| 83 | const struct iphdr *iph, unsigned int proto_off, int inverse) | 83 | const struct iphdr *iph, unsigned int proto_off, int inverse) |
| 84 | { | 84 | { |
| 85 | struct ip_vs_conn *cp; | 85 | struct ip_vs_conn *cp; |
| 86 | 86 | ||
| @@ -112,12 +112,12 @@ ah_conn_out_get(const struct sk_buff *skb, struct ip_vs_protocol *pp, | |||
| 112 | 112 | ||
| 113 | 113 | ||
| 114 | static int | 114 | static int |
| 115 | ah_conn_schedule(struct sk_buff *skb, | 115 | ah_esp_conn_schedule(struct sk_buff *skb, |
| 116 | struct ip_vs_protocol *pp, | 116 | struct ip_vs_protocol *pp, |
| 117 | int *verdict, struct ip_vs_conn **cpp) | 117 | int *verdict, struct ip_vs_conn **cpp) |
| 118 | { | 118 | { |
| 119 | /* | 119 | /* |
| 120 | * AH is only related traffic. Pass the packet to IP stack. | 120 | * AH/ESP is only related traffic. Pass the packet to IP stack. |
| 121 | */ | 121 | */ |
| 122 | *verdict = NF_ACCEPT; | 122 | *verdict = NF_ACCEPT; |
| 123 | return 0; | 123 | return 0; |
| @@ -125,8 +125,8 @@ ah_conn_schedule(struct sk_buff *skb, | |||
| 125 | 125 | ||
| 126 | 126 | ||
| 127 | static void | 127 | static void |
| 128 | ah_debug_packet(struct ip_vs_protocol *pp, const struct sk_buff *skb, | 128 | ah_esp_debug_packet(struct ip_vs_protocol *pp, const struct sk_buff *skb, |
| 129 | int offset, const char *msg) | 129 | int offset, const char *msg) |
| 130 | { | 130 | { |
| 131 | char buf[256]; | 131 | char buf[256]; |
| 132 | struct iphdr _iph, *ih; | 132 | struct iphdr _iph, *ih; |
| @@ -143,28 +143,29 @@ ah_debug_packet(struct ip_vs_protocol *pp, const struct sk_buff *skb, | |||
| 143 | } | 143 | } |
| 144 | 144 | ||
| 145 | 145 | ||
| 146 | static void ah_init(struct ip_vs_protocol *pp) | 146 | static void ah_esp_init(struct ip_vs_protocol *pp) |
| 147 | { | 147 | { |
| 148 | /* nothing to do now */ | 148 | /* nothing to do now */ |
| 149 | } | 149 | } |
| 150 | 150 | ||
| 151 | 151 | ||
| 152 | static void ah_exit(struct ip_vs_protocol *pp) | 152 | static void ah_esp_exit(struct ip_vs_protocol *pp) |
| 153 | { | 153 | { |
| 154 | /* nothing to do now */ | 154 | /* nothing to do now */ |
| 155 | } | 155 | } |
| 156 | 156 | ||
| 157 | 157 | ||
| 158 | #ifdef CONFIG_IP_VS_PROTO_AH | ||
| 158 | struct ip_vs_protocol ip_vs_protocol_ah = { | 159 | struct ip_vs_protocol ip_vs_protocol_ah = { |
| 159 | .name = "AH", | 160 | .name = "AH", |
| 160 | .protocol = IPPROTO_AH, | 161 | .protocol = IPPROTO_AH, |
| 161 | .num_states = 1, | 162 | .num_states = 1, |
| 162 | .dont_defrag = 1, | 163 | .dont_defrag = 1, |
| 163 | .init = ah_init, | 164 | .init = ah_esp_init, |
| 164 | .exit = ah_exit, | 165 | .exit = ah_esp_exit, |
| 165 | .conn_schedule = ah_conn_schedule, | 166 | .conn_schedule = ah_esp_conn_schedule, |
| 166 | .conn_in_get = ah_conn_in_get, | 167 | .conn_in_get = ah_esp_conn_in_get, |
| 167 | .conn_out_get = ah_conn_out_get, | 168 | .conn_out_get = ah_esp_conn_out_get, |
| 168 | .snat_handler = NULL, | 169 | .snat_handler = NULL, |
| 169 | .dnat_handler = NULL, | 170 | .dnat_handler = NULL, |
| 170 | .csum_check = NULL, | 171 | .csum_check = NULL, |
| @@ -172,7 +173,31 @@ struct ip_vs_protocol ip_vs_protocol_ah = { | |||
| 172 | .register_app = NULL, | 173 | .register_app = NULL, |
| 173 | .unregister_app = NULL, | 174 | .unregister_app = NULL, |
| 174 | .app_conn_bind = NULL, | 175 | .app_conn_bind = NULL, |
| 175 | .debug_packet = ah_debug_packet, | 176 | .debug_packet = ah_esp_debug_packet, |
| 176 | .timeout_change = NULL, /* ISAKMP */ | 177 | .timeout_change = NULL, /* ISAKMP */ |
| 177 | .set_state_timeout = NULL, | 178 | .set_state_timeout = NULL, |
| 178 | }; | 179 | }; |
| 180 | #endif | ||
| 181 | |||
| 182 | #ifdef CONFIG_IP_VS_PROTO_ESP | ||
| 183 | struct ip_vs_protocol ip_vs_protocol_esp = { | ||
| 184 | .name = "ESP", | ||
| 185 | .protocol = IPPROTO_ESP, | ||
| 186 | .num_states = 1, | ||
| 187 | .dont_defrag = 1, | ||
| 188 | .init = ah_esp_init, | ||
| 189 | .exit = ah_esp_exit, | ||
| 190 | .conn_schedule = ah_esp_conn_schedule, | ||
| 191 | .conn_in_get = ah_esp_conn_in_get, | ||
| 192 | .conn_out_get = ah_esp_conn_out_get, | ||
| 193 | .snat_handler = NULL, | ||
| 194 | .dnat_handler = NULL, | ||
| 195 | .csum_check = NULL, | ||
| 196 | .state_transition = NULL, | ||
| 197 | .register_app = NULL, | ||
| 198 | .unregister_app = NULL, | ||
| 199 | .app_conn_bind = NULL, | ||
| 200 | .debug_packet = ah_esp_debug_packet, | ||
| 201 | .timeout_change = NULL, /* ISAKMP */ | ||
| 202 | }; | ||
| 203 | #endif | ||