diff options
| author | Julian Anastasov <ja@ssi.bg> | 2010-09-17 08:18:16 -0400 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2010-09-17 08:18:16 -0400 |
| commit | 3575792e005dc9994f15ae72c1c6f401d134177d (patch) | |
| tree | 2383227df0b4ab3418ecb2167535063b7f829f4d /net | |
| parent | b23909695c33f53df5f1d16696b1aa5b874c1904 (diff) | |
ipvs: extend connection flags to 32 bits
- the sync protocol supports 16 bits only, so bits 0..15 should be
used only for flags that should go to backup server, bits 16 and
above should be allocated for flags not sent to backup.
- use IP_VS_CONN_F_DEST_MASK as mask of connection flags in
destination that can be changed by user space
- allow IP_VS_CONN_F_ONE_PACKET to be set in destination
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/ipvs/ip_vs_conn.c | 16 | ||||
| -rw-r--r-- | net/netfilter/ipvs/ip_vs_core.c | 11 | ||||
| -rw-r--r-- | net/netfilter/ipvs/ip_vs_ctl.c | 5 |
3 files changed, 19 insertions, 13 deletions
diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c index b71c69a2db13..9fe1da7bcf16 100644 --- a/net/netfilter/ipvs/ip_vs_conn.c +++ b/net/netfilter/ipvs/ip_vs_conn.c | |||
| @@ -505,6 +505,8 @@ static inline int ip_vs_dest_totalconns(struct ip_vs_dest *dest) | |||
| 505 | static inline void | 505 | static inline void |
| 506 | ip_vs_bind_dest(struct ip_vs_conn *cp, struct ip_vs_dest *dest) | 506 | ip_vs_bind_dest(struct ip_vs_conn *cp, struct ip_vs_dest *dest) |
| 507 | { | 507 | { |
| 508 | unsigned int conn_flags; | ||
| 509 | |||
| 508 | /* if dest is NULL, then return directly */ | 510 | /* if dest is NULL, then return directly */ |
| 509 | if (!dest) | 511 | if (!dest) |
| 510 | return; | 512 | return; |
| @@ -512,16 +514,18 @@ ip_vs_bind_dest(struct ip_vs_conn *cp, struct ip_vs_dest *dest) | |||
| 512 | /* Increase the refcnt counter of the dest */ | 514 | /* Increase the refcnt counter of the dest */ |
| 513 | atomic_inc(&dest->refcnt); | 515 | atomic_inc(&dest->refcnt); |
| 514 | 516 | ||
| 517 | conn_flags = atomic_read(&dest->conn_flags); | ||
| 518 | if (cp->protocol != IPPROTO_UDP) | ||
| 519 | conn_flags &= ~IP_VS_CONN_F_ONE_PACKET; | ||
| 515 | /* Bind with the destination and its corresponding transmitter */ | 520 | /* Bind with the destination and its corresponding transmitter */ |
| 516 | if ((cp->flags & IP_VS_CONN_F_SYNC) && | 521 | if (cp->flags & IP_VS_CONN_F_SYNC) { |
| 517 | (!(cp->flags & IP_VS_CONN_F_TEMPLATE))) | ||
| 518 | /* if the connection is not template and is created | 522 | /* if the connection is not template and is created |
| 519 | * by sync, preserve the activity flag. | 523 | * by sync, preserve the activity flag. |
| 520 | */ | 524 | */ |
| 521 | cp->flags |= atomic_read(&dest->conn_flags) & | 525 | if (!(cp->flags & IP_VS_CONN_F_TEMPLATE)) |
| 522 | (~IP_VS_CONN_F_INACTIVE); | 526 | conn_flags &= ~IP_VS_CONN_F_INACTIVE; |
| 523 | else | 527 | } |
| 524 | cp->flags |= atomic_read(&dest->conn_flags); | 528 | cp->flags |= conn_flags; |
| 525 | cp->dest = dest; | 529 | cp->dest = dest; |
| 526 | 530 | ||
| 527 | IP_VS_DBG_BUF(7, "Bind-dest %s c:%s:%d v:%s:%d " | 531 | IP_VS_DBG_BUF(7, "Bind-dest %s c:%s:%d v:%s:%d " |
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c index 0c043b6ce65e..319991d4d251 100644 --- a/net/netfilter/ipvs/ip_vs_core.c +++ b/net/netfilter/ipvs/ip_vs_core.c | |||
| @@ -194,7 +194,7 @@ ip_vs_sched_persist(struct ip_vs_service *svc, | |||
| 194 | struct ip_vs_dest *dest; | 194 | struct ip_vs_dest *dest; |
| 195 | struct ip_vs_conn *ct; | 195 | struct ip_vs_conn *ct; |
| 196 | __be16 dport; /* destination port to forward */ | 196 | __be16 dport; /* destination port to forward */ |
| 197 | __be16 flags; | 197 | unsigned int flags; |
| 198 | union nf_inet_addr snet; /* source network of the client, | 198 | union nf_inet_addr snet; /* source network of the client, |
| 199 | after masking */ | 199 | after masking */ |
| 200 | 200 | ||
| @@ -382,7 +382,8 @@ ip_vs_schedule(struct ip_vs_service *svc, const struct sk_buff *skb) | |||
| 382 | struct ip_vs_conn *cp = NULL; | 382 | struct ip_vs_conn *cp = NULL; |
| 383 | struct ip_vs_iphdr iph; | 383 | struct ip_vs_iphdr iph; |
| 384 | struct ip_vs_dest *dest; | 384 | struct ip_vs_dest *dest; |
| 385 | __be16 _ports[2], *pptr, flags; | 385 | __be16 _ports[2], *pptr; |
| 386 | unsigned int flags; | ||
| 386 | 387 | ||
| 387 | ip_vs_fill_iphdr(svc->af, skb_network_header(skb), &iph); | 388 | ip_vs_fill_iphdr(svc->af, skb_network_header(skb), &iph); |
| 388 | pptr = skb_header_pointer(skb, iph.len, sizeof(_ports), _ports); | 389 | pptr = skb_header_pointer(skb, iph.len, sizeof(_ports), _ports); |
| @@ -473,9 +474,9 @@ int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb, | |||
| 473 | if (sysctl_ip_vs_cache_bypass && svc->fwmark && unicast) { | 474 | if (sysctl_ip_vs_cache_bypass && svc->fwmark && unicast) { |
| 474 | int ret, cs; | 475 | int ret, cs; |
| 475 | struct ip_vs_conn *cp; | 476 | struct ip_vs_conn *cp; |
| 476 | __u16 flags = (svc->flags & IP_VS_SVC_F_ONEPACKET && | 477 | unsigned int flags = (svc->flags & IP_VS_SVC_F_ONEPACKET && |
| 477 | iph.protocol == IPPROTO_UDP)? | 478 | iph.protocol == IPPROTO_UDP)? |
| 478 | IP_VS_CONN_F_ONE_PACKET : 0; | 479 | IP_VS_CONN_F_ONE_PACKET : 0; |
| 479 | union nf_inet_addr daddr = { .all = { 0, 0, 0, 0 } }; | 480 | union nf_inet_addr daddr = { .all = { 0, 0, 0, 0 } }; |
| 480 | 481 | ||
| 481 | ip_vs_service_put(svc); | 482 | ip_vs_service_put(svc); |
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index ca8ec8c4f311..7bd41d28080c 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c | |||
| @@ -765,7 +765,8 @@ __ip_vs_update_dest(struct ip_vs_service *svc, | |||
| 765 | 765 | ||
| 766 | /* set the weight and the flags */ | 766 | /* set the weight and the flags */ |
| 767 | atomic_set(&dest->weight, udest->weight); | 767 | atomic_set(&dest->weight, udest->weight); |
| 768 | conn_flags = udest->conn_flags | IP_VS_CONN_F_INACTIVE; | 768 | conn_flags = udest->conn_flags & IP_VS_CONN_F_DEST_MASK; |
| 769 | conn_flags |= IP_VS_CONN_F_INACTIVE; | ||
| 769 | 770 | ||
| 770 | /* check if local node and update the flags */ | 771 | /* check if local node and update the flags */ |
| 771 | #ifdef CONFIG_IP_VS_IPV6 | 772 | #ifdef CONFIG_IP_VS_IPV6 |
| @@ -782,7 +783,7 @@ __ip_vs_update_dest(struct ip_vs_service *svc, | |||
| 782 | } | 783 | } |
| 783 | 784 | ||
| 784 | /* set the IP_VS_CONN_F_NOOUTPUT flag if not masquerading/NAT */ | 785 | /* set the IP_VS_CONN_F_NOOUTPUT flag if not masquerading/NAT */ |
| 785 | if ((conn_flags & IP_VS_CONN_F_FWD_MASK) != 0) { | 786 | if ((conn_flags & IP_VS_CONN_F_FWD_MASK) != IP_VS_CONN_F_MASQ) { |
| 786 | conn_flags |= IP_VS_CONN_F_NOOUTPUT; | 787 | conn_flags |= IP_VS_CONN_F_NOOUTPUT; |
| 787 | } else { | 788 | } else { |
| 788 | /* | 789 | /* |