aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--include/net/ip_vs.h21
-rw-r--r--net/netfilter/ipvs/ip_vs_proto_sctp.c854
-rw-r--r--net/netfilter/ipvs/ip_vs_sync.c7
3 files changed, 168 insertions, 714 deletions
diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h
index 95860dfdfbe3..e667df171003 100644
--- a/include/net/ip_vs.h
+++ b/include/net/ip_vs.h
@@ -380,17 +380,18 @@ enum {
380 */ 380 */
381enum ip_vs_sctp_states { 381enum ip_vs_sctp_states {
382 IP_VS_SCTP_S_NONE, 382 IP_VS_SCTP_S_NONE,
383 IP_VS_SCTP_S_INIT_CLI, 383 IP_VS_SCTP_S_INIT1,
384 IP_VS_SCTP_S_INIT_SER, 384 IP_VS_SCTP_S_INIT,
385 IP_VS_SCTP_S_INIT_ACK_CLI, 385 IP_VS_SCTP_S_COOKIE_SENT,
386 IP_VS_SCTP_S_INIT_ACK_SER, 386 IP_VS_SCTP_S_COOKIE_REPLIED,
387 IP_VS_SCTP_S_ECHO_CLI, 387 IP_VS_SCTP_S_COOKIE_WAIT,
388 IP_VS_SCTP_S_ECHO_SER, 388 IP_VS_SCTP_S_COOKIE,
389 IP_VS_SCTP_S_COOKIE_ECHOED,
389 IP_VS_SCTP_S_ESTABLISHED, 390 IP_VS_SCTP_S_ESTABLISHED,
390 IP_VS_SCTP_S_SHUT_CLI, 391 IP_VS_SCTP_S_SHUTDOWN_SENT,
391 IP_VS_SCTP_S_SHUT_SER, 392 IP_VS_SCTP_S_SHUTDOWN_RECEIVED,
392 IP_VS_SCTP_S_SHUT_ACK_CLI, 393 IP_VS_SCTP_S_SHUTDOWN_ACK_SENT,
393 IP_VS_SCTP_S_SHUT_ACK_SER, 394 IP_VS_SCTP_S_REJECTED,
394 IP_VS_SCTP_S_CLOSED, 395 IP_VS_SCTP_S_CLOSED,
395 IP_VS_SCTP_S_LAST 396 IP_VS_SCTP_S_LAST
396}; 397};
diff --git a/net/netfilter/ipvs/ip_vs_proto_sctp.c b/net/netfilter/ipvs/ip_vs_proto_sctp.c
index df29d6417043..3c0da8728036 100644
--- a/net/netfilter/ipvs/ip_vs_proto_sctp.c
+++ b/net/netfilter/ipvs/ip_vs_proto_sctp.c
@@ -185,710 +185,159 @@ sctp_csum_check(int af, struct sk_buff *skb, struct ip_vs_protocol *pp)
185 return 1; 185 return 1;
186} 186}
187 187
188struct ipvs_sctp_nextstate {
189 int next_state;
190};
191enum ipvs_sctp_event_t { 188enum ipvs_sctp_event_t {
192 IP_VS_SCTP_EVE_DATA_CLI, 189 IP_VS_SCTP_DATA = 0, /* DATA, SACK, HEARTBEATs */
193 IP_VS_SCTP_EVE_DATA_SER, 190 IP_VS_SCTP_INIT,
194 IP_VS_SCTP_EVE_INIT_CLI, 191 IP_VS_SCTP_INIT_ACK,
195 IP_VS_SCTP_EVE_INIT_SER, 192 IP_VS_SCTP_COOKIE_ECHO,
196 IP_VS_SCTP_EVE_INIT_ACK_CLI, 193 IP_VS_SCTP_COOKIE_ACK,
197 IP_VS_SCTP_EVE_INIT_ACK_SER, 194 IP_VS_SCTP_SHUTDOWN,
198 IP_VS_SCTP_EVE_COOKIE_ECHO_CLI, 195 IP_VS_SCTP_SHUTDOWN_ACK,
199 IP_VS_SCTP_EVE_COOKIE_ECHO_SER, 196 IP_VS_SCTP_SHUTDOWN_COMPLETE,
200 IP_VS_SCTP_EVE_COOKIE_ACK_CLI, 197 IP_VS_SCTP_ERROR,
201 IP_VS_SCTP_EVE_COOKIE_ACK_SER, 198 IP_VS_SCTP_ABORT,
202 IP_VS_SCTP_EVE_ABORT_CLI, 199 IP_VS_SCTP_EVENT_LAST
203 IP_VS_SCTP_EVE__ABORT_SER,
204 IP_VS_SCTP_EVE_SHUT_CLI,
205 IP_VS_SCTP_EVE_SHUT_SER,
206 IP_VS_SCTP_EVE_SHUT_ACK_CLI,
207 IP_VS_SCTP_EVE_SHUT_ACK_SER,
208 IP_VS_SCTP_EVE_SHUT_COM_CLI,
209 IP_VS_SCTP_EVE_SHUT_COM_SER,
210 IP_VS_SCTP_EVE_LAST
211}; 200};
212 201
213static enum ipvs_sctp_event_t sctp_events[256] = { 202/* RFC 2960, 3.2 Chunk Field Descriptions */
214 IP_VS_SCTP_EVE_DATA_CLI, 203static __u8 sctp_events[] = {
215 IP_VS_SCTP_EVE_INIT_CLI, 204 [SCTP_CID_DATA] = IP_VS_SCTP_DATA,
216 IP_VS_SCTP_EVE_INIT_ACK_CLI, 205 [SCTP_CID_INIT] = IP_VS_SCTP_INIT,
217 IP_VS_SCTP_EVE_DATA_CLI, 206 [SCTP_CID_INIT_ACK] = IP_VS_SCTP_INIT_ACK,
218 IP_VS_SCTP_EVE_DATA_CLI, 207 [SCTP_CID_SACK] = IP_VS_SCTP_DATA,
219 IP_VS_SCTP_EVE_DATA_CLI, 208 [SCTP_CID_HEARTBEAT] = IP_VS_SCTP_DATA,
220 IP_VS_SCTP_EVE_ABORT_CLI, 209 [SCTP_CID_HEARTBEAT_ACK] = IP_VS_SCTP_DATA,
221 IP_VS_SCTP_EVE_SHUT_CLI, 210 [SCTP_CID_ABORT] = IP_VS_SCTP_ABORT,
222 IP_VS_SCTP_EVE_SHUT_ACK_CLI, 211 [SCTP_CID_SHUTDOWN] = IP_VS_SCTP_SHUTDOWN,
223 IP_VS_SCTP_EVE_DATA_CLI, 212 [SCTP_CID_SHUTDOWN_ACK] = IP_VS_SCTP_SHUTDOWN_ACK,
224 IP_VS_SCTP_EVE_COOKIE_ECHO_CLI, 213 [SCTP_CID_ERROR] = IP_VS_SCTP_ERROR,
225 IP_VS_SCTP_EVE_COOKIE_ACK_CLI, 214 [SCTP_CID_COOKIE_ECHO] = IP_VS_SCTP_COOKIE_ECHO,
226 IP_VS_SCTP_EVE_DATA_CLI, 215 [SCTP_CID_COOKIE_ACK] = IP_VS_SCTP_COOKIE_ACK,
227 IP_VS_SCTP_EVE_DATA_CLI, 216 [SCTP_CID_ECN_ECNE] = IP_VS_SCTP_DATA,
228 IP_VS_SCTP_EVE_SHUT_COM_CLI, 217 [SCTP_CID_ECN_CWR] = IP_VS_SCTP_DATA,
218 [SCTP_CID_SHUTDOWN_COMPLETE] = IP_VS_SCTP_SHUTDOWN_COMPLETE,
229}; 219};
230 220
231static struct ipvs_sctp_nextstate 221/* SCTP States:
232 sctp_states_table[IP_VS_SCTP_S_LAST][IP_VS_SCTP_EVE_LAST] = { 222 * See RFC 2960, 4. SCTP Association State Diagram
233 /* 223 *
234 * STATE : IP_VS_SCTP_S_NONE 224 * New states (not in diagram):
235 */ 225 * - INIT1 state: use shorter timeout for dropped INIT packets
236 /*next state *//*event */ 226 * - REJECTED state: use shorter timeout if INIT is rejected with ABORT
237 {{IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_DATA_CLI */ }, 227 * - INIT, COOKIE_SENT, COOKIE_REPLIED, COOKIE states: for better debugging
238 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_SER */ }, 228 *
239 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_INIT_CLI */ }, 229 * The states are as seen in real server. In the diagram, INIT1, INIT,
240 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_INIT_SER */ }, 230 * COOKIE_SENT and COOKIE_REPLIED processing happens in CLOSED state.
241 {IP_VS_SCTP_S_INIT_ACK_CLI /* IP_VS_SCTP_EVE_INIT_ACK_CLI */ }, 231 *
242 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_INIT_ACK_SER */ }, 232 * States as per packets from client (C) and server (S):
243 {IP_VS_SCTP_S_ECHO_CLI /* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ }, 233 *
244 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ }, 234 * Setup of client connection:
245 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ }, 235 * IP_VS_SCTP_S_INIT1: First C:INIT sent, wait for S:INIT-ACK
246 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ }, 236 * IP_VS_SCTP_S_INIT: Next C:INIT sent, wait for S:INIT-ACK
247 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_CLI */ }, 237 * IP_VS_SCTP_S_COOKIE_SENT: S:INIT-ACK sent, wait for C:COOKIE-ECHO
248 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_SER */ }, 238 * IP_VS_SCTP_S_COOKIE_REPLIED: C:COOKIE-ECHO sent, wait for S:COOKIE-ACK
249 {IP_VS_SCTP_S_SHUT_CLI /* IP_VS_SCTP_EVE_SHUT_CLI */ }, 239 *
250 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_SER */ }, 240 * Setup of server connection:
251 {IP_VS_SCTP_S_SHUT_ACK_CLI /* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ }, 241 * IP_VS_SCTP_S_COOKIE_WAIT: S:INIT sent, wait for C:INIT-ACK
252 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_SER */ }, 242 * IP_VS_SCTP_S_COOKIE: C:INIT-ACK sent, wait for S:COOKIE-ECHO
253 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_CLI */ }, 243 * IP_VS_SCTP_S_COOKIE_ECHOED: S:COOKIE-ECHO sent, wait for C:COOKIE-ACK
254 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_SER */ }, 244 */
255 },
256 /*
257 * STATE : IP_VS_SCTP_S_INIT_CLI
258 * Cient sent INIT and is waiting for reply from server(In ECHO_WAIT)
259 */
260 {{IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_CLI */ },
261 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_SER */ },
262 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_INIT_CLI */ },
263 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_INIT_SER */ },
264 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
265 {IP_VS_SCTP_S_INIT_ACK_SER /* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
266 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ECHO_CLI */ },
267 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_ECHO_SER */ },
268 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
269 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
270 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_CLI */ },
271 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_SER */ },
272 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_CLI */ },
273 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_SER */ },
274 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
275 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
276 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
277 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
278 },
279 /*
280 * State : IP_VS_SCTP_S_INIT_SER
281 * Server sent INIT and waiting for INIT ACK from the client
282 */
283 {{IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_CLI */ },
284 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_SER */ },
285 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_INIT_CLI */ },
286 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_INIT_SER */ },
287 {IP_VS_SCTP_S_INIT_ACK_CLI /* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
288 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
289 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
290 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
291 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
292 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
293 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_CLI */ },
294 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_SER */ },
295 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_CLI */ },
296 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_SER */ },
297 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
298 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
299 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
300 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
301 },
302 /*
303 * State : IP_VS_SCTP_S_INIT_ACK_CLI
304 * Client sent INIT ACK and waiting for ECHO from the server
305 */
306 {{IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_CLI */ },
307 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_SER */ },
308 /*
309 * We have got an INIT from client. From the spec.“Upon receipt of
310 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
311 * an INIT ACK using the same parameters it sent in its original
312 * INIT chunk (including its Initiate Tag, unchanged”).
313 */
314 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_INIT_CLI */ },
315 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_INIT_SER */ },
316 /*
317 * INIT_ACK has been resent by the client, let us stay is in
318 * the same state
319 */
320 {IP_VS_SCTP_S_INIT_ACK_CLI /* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
321 /*
322 * INIT_ACK sent by the server, close the connection
323 */
324 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
325 /*
326 * ECHO by client, it should not happen, close the connection
327 */
328 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
329 /*
330 * ECHO by server, this is what we are expecting, move to ECHO_SER
331 */
332 {IP_VS_SCTP_S_ECHO_SER /* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
333 /*
334 * COOKIE ACK from client, it should not happen, close the connection
335 */
336 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
337 /*
338 * Unexpected COOKIE ACK from server, staty in the same state
339 */
340 {IP_VS_SCTP_S_INIT_ACK_CLI /* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
341 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_CLI */ },
342 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_SER */ },
343 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_CLI */ },
344 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_SER */ },
345 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
346 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
347 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
348 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
349 },
350 /*
351 * State : IP_VS_SCTP_S_INIT_ACK_SER
352 * Server sent INIT ACK and waiting for ECHO from the client
353 */
354 {{IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_CLI */ },
355 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_SER */ },
356 /*
357 * We have got an INIT from client. From the spec.“Upon receipt of
358 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
359 * an INIT ACK using the same parameters it sent in its original
360 * INIT chunk (including its Initiate Tag, unchanged”).
361 */
362 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_INIT_CLI */ },
363 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_INIT_SER */ },
364 /*
365 * Unexpected INIT_ACK by the client, let us close the connection
366 */
367 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
368 /*
369 * INIT_ACK resent by the server, let us move to same state
370 */
371 {IP_VS_SCTP_S_INIT_ACK_SER /* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
372 /*
373 * Client send the ECHO, this is what we are expecting,
374 * move to ECHO_CLI
375 */
376 {IP_VS_SCTP_S_ECHO_CLI /* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
377 /*
378 * ECHO received from the server, Not sure what to do,
379 * let us close it
380 */
381 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
382 /*
383 * COOKIE ACK from client, let us stay in the same state
384 */
385 {IP_VS_SCTP_S_INIT_ACK_SER /* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
386 /*
387 * COOKIE ACK from server, hmm... this should not happen, lets close
388 * the connection.
389 */
390 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
391 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_CLI */ },
392 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_SER */ },
393 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_CLI */ },
394 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_SER */ },
395 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
396 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
397 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
398 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
399 },
400 /*
401 * State : IP_VS_SCTP_S_ECHO_CLI
402 * Cient sent ECHO and waiting COOKEI ACK from the Server
403 */
404 {{IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_CLI */ },
405 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_SER */ },
406 /*
407 * We have got an INIT from client. From the spec.“Upon receipt of
408 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
409 * an INIT ACK using the same parameters it sent in its original
410 * INIT chunk (including its Initiate Tag, unchanged”).
411 */
412 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_INIT_CLI */ },
413 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_INIT_SER */ },
414 /*
415 * INIT_ACK has been by the client, let us close the connection
416 */
417 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
418 /*
419 * INIT_ACK sent by the server, Unexpected INIT ACK, spec says,
420 * “If an INIT ACK is received by an endpoint in any state other
421 * than the COOKIE-WAIT state, the endpoint should discard the
422 * INIT ACK chunk”. Stay in the same state
423 */
424 {IP_VS_SCTP_S_ECHO_CLI /* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
425 /*
426 * Client resent the ECHO, let us stay in the same state
427 */
428 {IP_VS_SCTP_S_ECHO_CLI /* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
429 /*
430 * ECHO received from the server, Not sure what to do,
431 * let us close it
432 */
433 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
434 /*
435 * COOKIE ACK from client, this shoud not happen, let's close the
436 * connection
437 */
438 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
439 /*
440 * COOKIE ACK from server, this is what we are awaiting,lets move to
441 * ESTABLISHED.
442 */
443 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
444 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_CLI */ },
445 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_SER */ },
446 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_CLI */ },
447 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_SER */ },
448 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
449 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
450 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
451 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
452 },
453 /*
454 * State : IP_VS_SCTP_S_ECHO_SER
455 * Server sent ECHO and waiting COOKEI ACK from the client
456 */
457 {{IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_CLI */ },
458 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_SER */ },
459 /*
460 * We have got an INIT from client. From the spec.“Upon receipt of
461 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
462 * an INIT ACK using the same parameters it sent in its original
463 * INIT chunk (including its Initiate Tag, unchanged”).
464 */
465 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_INIT_CLI */ },
466 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_INIT_SER */ },
467 /*
468 * INIT_ACK sent by the server, Unexpected INIT ACK, spec says,
469 * “If an INIT ACK is received by an endpoint in any state other
470 * than the COOKIE-WAIT state, the endpoint should discard the
471 * INIT ACK chunk”. Stay in the same state
472 */
473 {IP_VS_SCTP_S_ECHO_SER /* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
474 /*
475 * INIT_ACK has been by the server, let us close the connection
476 */
477 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
478 /*
479 * Client sent the ECHO, not sure what to do, let's close the
480 * connection.
481 */
482 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
483 /*
484 * ECHO resent by the server, stay in the same state
485 */
486 {IP_VS_SCTP_S_ECHO_SER /* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
487 /*
488 * COOKIE ACK from client, this is what we are expecting, let's move
489 * to ESTABLISHED.
490 */
491 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
492 /*
493 * COOKIE ACK from server, this should not happen, lets close the
494 * connection.
495 */
496 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
497 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_CLI */ },
498 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_SER */ },
499 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_CLI */ },
500 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_SER */ },
501 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
502 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
503 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
504 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
505 },
506 /*
507 * State : IP_VS_SCTP_S_ESTABLISHED
508 * Association established
509 */
510 {{IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_DATA_CLI */ },
511 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_DATA_SER */ },
512 /*
513 * We have got an INIT from client. From the spec.“Upon receipt of
514 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
515 * an INIT ACK using the same parameters it sent in its original
516 * INIT chunk (including its Initiate Tag, unchanged”).
517 */
518 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_INIT_CLI */ },
519 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_INIT_SER */ },
520 /*
521 * INIT_ACK sent by the server, Unexpected INIT ACK, spec says,
522 * “If an INIT ACK is received by an endpoint in any state other
523 * than the COOKIE-WAIT state, the endpoint should discard the
524 * INIT ACK chunk”. Stay in the same state
525 */
526 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
527 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
528 /*
529 * Client sent ECHO, Spec(sec 5.2.4) says it may be handled by the
530 * peer and peer shall move to the ESTABISHED. if it doesn't handle
531 * it will send ERROR chunk. So, stay in the same state
532 */
533 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
534 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
535 /*
536 * COOKIE ACK from client, not sure what to do stay in the same state
537 */
538 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
539 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
540 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_CLI */ },
541 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_SER */ },
542 /*
543 * SHUTDOWN from the client, move to SHUDDOWN_CLI
544 */
545 {IP_VS_SCTP_S_SHUT_CLI /* IP_VS_SCTP_EVE_SHUT_CLI */ },
546 /*
547 * SHUTDOWN from the server, move to SHUTDOWN_SER
548 */
549 {IP_VS_SCTP_S_SHUT_SER /* IP_VS_SCTP_EVE_SHUT_SER */ },
550 /*
551 * client sent SHUDTDOWN_ACK, this should not happen, let's close
552 * the connection
553 */
554 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
555 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
556 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
557 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
558 },
559 /*
560 * State : IP_VS_SCTP_S_SHUT_CLI
561 * SHUTDOWN sent from the client, waitinf for SHUT ACK from the server
562 */
563 /*
564 * We received the data chuck, keep the state unchanged. I assume
565 * that still data chuncks can be received by both the peers in
566 * SHUDOWN state
567 */
568
569 {{IP_VS_SCTP_S_SHUT_CLI /* IP_VS_SCTP_EVE_DATA_CLI */ },
570 {IP_VS_SCTP_S_SHUT_CLI /* IP_VS_SCTP_EVE_DATA_SER */ },
571 /*
572 * We have got an INIT from client. From the spec.“Upon receipt of
573 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
574 * an INIT ACK using the same parameters it sent in its original
575 * INIT chunk (including its Initiate Tag, unchanged”).
576 */
577 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_INIT_CLI */ },
578 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_INIT_SER */ },
579 /*
580 * INIT_ACK sent by the server, Unexpected INIT ACK, spec says,
581 * “If an INIT ACK is received by an endpoint in any state other
582 * than the COOKIE-WAIT state, the endpoint should discard the
583 * INIT ACK chunk”. Stay in the same state
584 */
585 {IP_VS_SCTP_S_SHUT_CLI /* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
586 {IP_VS_SCTP_S_SHUT_CLI /* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
587 /*
588 * Client sent ECHO, Spec(sec 5.2.4) says it may be handled by the
589 * peer and peer shall move to the ESTABISHED. if it doesn't handle
590 * it will send ERROR chunk. So, stay in the same state
591 */
592 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
593 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
594 /*
595 * COOKIE ACK from client, not sure what to do stay in the same state
596 */
597 {IP_VS_SCTP_S_SHUT_CLI /* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
598 {IP_VS_SCTP_S_SHUT_CLI /* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
599 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_CLI */ },
600 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_SER */ },
601 /*
602 * SHUTDOWN resent from the client, move to SHUDDOWN_CLI
603 */
604 {IP_VS_SCTP_S_SHUT_CLI /* IP_VS_SCTP_EVE_SHUT_CLI */ },
605 /*
606 * SHUTDOWN from the server, move to SHUTDOWN_SER
607 */
608 {IP_VS_SCTP_S_SHUT_SER /* IP_VS_SCTP_EVE_SHUT_SER */ },
609 /*
610 * client sent SHUDTDOWN_ACK, this should not happen, let's close
611 * the connection
612 */
613 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
614 /*
615 * Server sent SHUTDOWN ACK, this is what we are expecting, let's move
616 * to SHUDOWN_ACK_SER
617 */
618 {IP_VS_SCTP_S_SHUT_ACK_SER /* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
619 /*
620 * SHUTDOWN COM from client, this should not happen, let's close the
621 * connection
622 */
623 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
624 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
625 },
626 /*
627 * State : IP_VS_SCTP_S_SHUT_SER
628 * SHUTDOWN sent from the server, waitinf for SHUTDOWN ACK from client
629 */
630 /*
631 * We received the data chuck, keep the state unchanged. I assume
632 * that still data chuncks can be received by both the peers in
633 * SHUDOWN state
634 */
635
636 {{IP_VS_SCTP_S_SHUT_SER /* IP_VS_SCTP_EVE_DATA_CLI */ },
637 {IP_VS_SCTP_S_SHUT_SER /* IP_VS_SCTP_EVE_DATA_SER */ },
638 /*
639 * We have got an INIT from client. From the spec.“Upon receipt of
640 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
641 * an INIT ACK using the same parameters it sent in its original
642 * INIT chunk (including its Initiate Tag, unchanged”).
643 */
644 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_INIT_CLI */ },
645 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_INIT_SER */ },
646 /*
647 * INIT_ACK sent by the server, Unexpected INIT ACK, spec says,
648 * “If an INIT ACK is received by an endpoint in any state other
649 * than the COOKIE-WAIT state, the endpoint should discard the
650 * INIT ACK chunk”. Stay in the same state
651 */
652 {IP_VS_SCTP_S_SHUT_SER /* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
653 {IP_VS_SCTP_S_SHUT_SER /* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
654 /*
655 * Client sent ECHO, Spec(sec 5.2.4) says it may be handled by the
656 * peer and peer shall move to the ESTABISHED. if it doesn't handle
657 * it will send ERROR chunk. So, stay in the same state
658 */
659 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
660 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
661 /*
662 * COOKIE ACK from client, not sure what to do stay in the same state
663 */
664 {IP_VS_SCTP_S_SHUT_SER /* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
665 {IP_VS_SCTP_S_SHUT_SER /* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
666 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_CLI */ },
667 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_SER */ },
668 /*
669 * SHUTDOWN resent from the client, move to SHUDDOWN_CLI
670 */
671 {IP_VS_SCTP_S_SHUT_CLI /* IP_VS_SCTP_EVE_SHUT_CLI */ },
672 /*
673 * SHUTDOWN resent from the server, move to SHUTDOWN_SER
674 */
675 {IP_VS_SCTP_S_SHUT_SER /* IP_VS_SCTP_EVE_SHUT_SER */ },
676 /*
677 * client sent SHUDTDOWN_ACK, this is what we are expecting, let's
678 * move to SHUT_ACK_CLI
679 */
680 {IP_VS_SCTP_S_SHUT_ACK_CLI /* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
681 /*
682 * Server sent SHUTDOWN ACK, this should not happen, let's close the
683 * connection
684 */
685 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
686 /*
687 * SHUTDOWN COM from client, this should not happen, let's close the
688 * connection
689 */
690 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
691 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
692 },
693
694 /*
695 * State : IP_VS_SCTP_S_SHUT_ACK_CLI
696 * SHUTDOWN ACK from the client, awaiting for SHUTDOWN COM from server
697 */
698 /*
699 * We received the data chuck, keep the state unchanged. I assume
700 * that still data chuncks can be received by both the peers in
701 * SHUDOWN state
702 */
703
704 {{IP_VS_SCTP_S_SHUT_ACK_CLI /* IP_VS_SCTP_EVE_DATA_CLI */ },
705 {IP_VS_SCTP_S_SHUT_ACK_CLI /* IP_VS_SCTP_EVE_DATA_SER */ },
706 /*
707 * We have got an INIT from client. From the spec.“Upon receipt of
708 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
709 * an INIT ACK using the same parameters it sent in its original
710 * INIT chunk (including its Initiate Tag, unchanged”).
711 */
712 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_INIT_CLI */ },
713 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_INIT_SER */ },
714 /*
715 * INIT_ACK sent by the server, Unexpected INIT ACK, spec says,
716 * “If an INIT ACK is received by an endpoint in any state other
717 * than the COOKIE-WAIT state, the endpoint should discard the
718 * INIT ACK chunk”. Stay in the same state
719 */
720 {IP_VS_SCTP_S_SHUT_ACK_CLI /* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
721 {IP_VS_SCTP_S_SHUT_ACK_CLI /* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
722 /*
723 * Client sent ECHO, Spec(sec 5.2.4) says it may be handled by the
724 * peer and peer shall move to the ESTABISHED. if it doesn't handle
725 * it will send ERROR chunk. So, stay in the same state
726 */
727 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
728 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
729 /*
730 * COOKIE ACK from client, not sure what to do stay in the same state
731 */
732 {IP_VS_SCTP_S_SHUT_ACK_CLI /* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
733 {IP_VS_SCTP_S_SHUT_ACK_CLI /* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
734 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_CLI */ },
735 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_SER */ },
736 /*
737 * SHUTDOWN sent from the client, move to SHUDDOWN_CLI
738 */
739 {IP_VS_SCTP_S_SHUT_CLI /* IP_VS_SCTP_EVE_SHUT_CLI */ },
740 /*
741 * SHUTDOWN sent from the server, move to SHUTDOWN_SER
742 */
743 {IP_VS_SCTP_S_SHUT_SER /* IP_VS_SCTP_EVE_SHUT_SER */ },
744 /*
745 * client resent SHUDTDOWN_ACK, let's stay in the same state
746 */
747 {IP_VS_SCTP_S_SHUT_ACK_CLI /* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
748 /*
749 * Server sent SHUTDOWN ACK, this should not happen, let's close the
750 * connection
751 */
752 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
753 /*
754 * SHUTDOWN COM from client, this should not happen, let's close the
755 * connection
756 */
757 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
758 /*
759 * SHUTDOWN COMPLETE from server this is what we are expecting.
760 */
761 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
762 },
763
764 /*
765 * State : IP_VS_SCTP_S_SHUT_ACK_SER
766 * SHUTDOWN ACK from the server, awaiting for SHUTDOWN COM from client
767 */
768 /*
769 * We received the data chuck, keep the state unchanged. I assume
770 * that still data chuncks can be received by both the peers in
771 * SHUDOWN state
772 */
773 245
774 {{IP_VS_SCTP_S_SHUT_ACK_SER /* IP_VS_SCTP_EVE_DATA_CLI */ }, 246#define sNO IP_VS_SCTP_S_NONE
775 {IP_VS_SCTP_S_SHUT_ACK_SER /* IP_VS_SCTP_EVE_DATA_SER */ }, 247#define sI1 IP_VS_SCTP_S_INIT1
776 /* 248#define sIN IP_VS_SCTP_S_INIT
777 * We have got an INIT from client. From the spec.“Upon receipt of 249#define sCS IP_VS_SCTP_S_COOKIE_SENT
778 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with 250#define sCR IP_VS_SCTP_S_COOKIE_REPLIED
779 * an INIT ACK using the same parameters it sent in its original 251#define sCW IP_VS_SCTP_S_COOKIE_WAIT
780 * INIT chunk (including its Initiate Tag, unchanged”). 252#define sCO IP_VS_SCTP_S_COOKIE
781 */ 253#define sCE IP_VS_SCTP_S_COOKIE_ECHOED
782 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_INIT_CLI */ }, 254#define sES IP_VS_SCTP_S_ESTABLISHED
783 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_INIT_SER */ }, 255#define sSS IP_VS_SCTP_S_SHUTDOWN_SENT
784 /* 256#define sSR IP_VS_SCTP_S_SHUTDOWN_RECEIVED
785 * INIT_ACK sent by the server, Unexpected INIT ACK, spec says, 257#define sSA IP_VS_SCTP_S_SHUTDOWN_ACK_SENT
786 * “If an INIT ACK is received by an endpoint in any state other 258#define sRJ IP_VS_SCTP_S_REJECTED
787 * than the COOKIE-WAIT state, the endpoint should discard the 259#define sCL IP_VS_SCTP_S_CLOSED
788 * INIT ACK chunk”. Stay in the same state 260
789 */ 261static const __u8 sctp_states
790 {IP_VS_SCTP_S_SHUT_ACK_SER /* IP_VS_SCTP_EVE_INIT_ACK_CLI */ }, 262 [IP_VS_DIR_LAST][IP_VS_SCTP_EVENT_LAST][IP_VS_SCTP_S_LAST] = {
791 {IP_VS_SCTP_S_SHUT_ACK_SER /* IP_VS_SCTP_EVE_INIT_ACK_SER */ }, 263 { /* INPUT */
792 /* 264/* sNO, sI1, sIN, sCS, sCR, sCW, sCO, sCE, sES, sSS, sSR, sSA, sRJ, sCL*/
793 * Client sent ECHO, Spec(sec 5.2.4) says it may be handled by the 265/* d */{sES, sI1, sIN, sCS, sCR, sCW, sCO, sCE, sES, sSS, sSR, sSA, sRJ, sCL},
794 * peer and peer shall move to the ESTABISHED. if it doesn't handle 266/* i */{sI1, sIN, sIN, sCS, sCR, sCW, sCO, sCE, sES, sSS, sSR, sSA, sIN, sIN},
795 * it will send ERROR chunk. So, stay in the same state 267/* i_a */{sCW, sCW, sCW, sCS, sCR, sCO, sCO, sCE, sES, sSS, sSR, sSA, sRJ, sCL},
796 */ 268/* c_e */{sCR, sIN, sIN, sCR, sCR, sCW, sCO, sCE, sES, sSS, sSR, sSA, sRJ, sCL},
797 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ }, 269/* c_a */{sES, sI1, sIN, sCS, sCR, sCW, sCO, sES, sES, sSS, sSR, sSA, sRJ, sCL},
798 {IP_VS_SCTP_S_ESTABLISHED /* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ }, 270/* s */{sSR, sI1, sIN, sCS, sCR, sCW, sCO, sCE, sSR, sSS, sSR, sSA, sRJ, sCL},
799 /* 271/* s_a */{sCL, sIN, sIN, sCS, sCR, sCW, sCO, sCE, sES, sCL, sSR, sCL, sRJ, sCL},
800 * COOKIE ACK from client, not sure what to do stay in the same state 272/* s_c */{sCL, sCL, sCL, sCS, sCR, sCW, sCO, sCE, sES, sSS, sSR, sCL, sRJ, sCL},
801 */ 273/* err */{sCL, sI1, sIN, sCS, sCR, sCW, sCO, sCL, sES, sSS, sSR, sSA, sRJ, sCL},
802 {IP_VS_SCTP_S_SHUT_ACK_SER /* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ }, 274/* ab */{sCL, sCL, sCL, sCL, sCL, sRJ, sCL, sCL, sCL, sCL, sCL, sCL, sCL, sCL},
803 {IP_VS_SCTP_S_SHUT_ACK_SER /* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ }, 275 },
804 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_CLI */ }, 276 { /* OUTPUT */
805 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_SER */ }, 277/* sNO, sI1, sIN, sCS, sCR, sCW, sCO, sCE, sES, sSS, sSR, sSA, sRJ, sCL*/
806 /* 278/* d */{sES, sI1, sIN, sCS, sCR, sCW, sCO, sCE, sES, sSS, sSR, sSA, sRJ, sCL},
807 * SHUTDOWN sent from the client, move to SHUDDOWN_CLI 279/* i */{sCW, sCW, sCW, sCW, sCW, sCW, sCW, sCW, sES, sCW, sCW, sCW, sCW, sCW},
808 */ 280/* i_a */{sCS, sCS, sCS, sCS, sCR, sCW, sCO, sCE, sES, sSS, sSR, sSA, sRJ, sCL},
809 {IP_VS_SCTP_S_SHUT_CLI /* IP_VS_SCTP_EVE_SHUT_CLI */ }, 281/* c_e */{sCE, sCE, sCE, sCE, sCE, sCE, sCE, sCE, sES, sSS, sSR, sSA, sRJ, sCL},
810 /* 282/* c_a */{sES, sES, sES, sES, sES, sES, sES, sES, sES, sSS, sSR, sSA, sRJ, sCL},
811 * SHUTDOWN sent from the server, move to SHUTDOWN_SER 283/* s */{sSS, sSS, sSS, sSS, sSS, sSS, sSS, sSS, sSS, sSS, sSR, sSA, sRJ, sCL},
812 */ 284/* s_a */{sSA, sSA, sSA, sSA, sSA, sCW, sCO, sCE, sES, sSA, sSA, sSA, sRJ, sCL},
813 {IP_VS_SCTP_S_SHUT_SER /* IP_VS_SCTP_EVE_SHUT_SER */ }, 285/* s_c */{sCL, sI1, sIN, sCS, sCR, sCW, sCO, sCE, sES, sSS, sSR, sSA, sRJ, sCL},
814 /* 286/* err */{sCL, sCL, sCL, sCL, sCL, sCW, sCO, sCE, sES, sSS, sSR, sSA, sRJ, sCL},
815 * client sent SHUDTDOWN_ACK, this should not happen let's close 287/* ab */{sCL, sRJ, sCL, sCL, sCL, sCL, sCL, sCL, sCL, sCL, sCL, sCL, sCL, sCL},
816 * the connection. 288 },
817 */ 289 { /* INPUT-ONLY */
818 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ }, 290/* sNO, sI1, sIN, sCS, sCR, sCW, sCO, sCE, sES, sSS, sSR, sSA, sRJ, sCL*/
819 /* 291/* d */{sES, sI1, sIN, sCS, sCR, sES, sCO, sCE, sES, sSS, sSR, sSA, sRJ, sCL},
820 * Server resent SHUTDOWN ACK, stay in the same state 292/* i */{sI1, sIN, sIN, sIN, sIN, sIN, sCO, sCE, sES, sSS, sSR, sSA, sIN, sIN},
821 */ 293/* i_a */{sCE, sCE, sCE, sCE, sCE, sCE, sCO, sCE, sES, sSS, sSR, sSA, sRJ, sCL},
822 {IP_VS_SCTP_S_SHUT_ACK_SER /* IP_VS_SCTP_EVE_SHUT_ACK_SER */ }, 294/* c_e */{sES, sES, sES, sES, sES, sES, sCO, sCE, sES, sSS, sSR, sSA, sRJ, sCL},
823 /* 295/* c_a */{sES, sI1, sIN, sES, sES, sCW, sES, sES, sES, sSS, sSR, sSA, sRJ, sCL},
824 * SHUTDOWN COM from client, this what we are expecting, let's close 296/* s */{sSR, sI1, sIN, sCS, sCR, sCW, sCO, sCE, sSR, sSS, sSR, sSA, sRJ, sCL},
825 * the connection 297/* s_a */{sCL, sIN, sIN, sCS, sCR, sCW, sCO, sCE, sCL, sCL, sSR, sCL, sRJ, sCL},
826 */ 298/* s_c */{sCL, sCL, sCL, sCL, sCL, sCW, sCO, sCE, sES, sSS, sCL, sCL, sRJ, sCL},
827 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_CLI */ }, 299/* err */{sCL, sI1, sIN, sCS, sCR, sCW, sCO, sCE, sES, sSS, sSR, sSA, sRJ, sCL},
828 /* 300/* ab */{sCL, sCL, sCL, sCL, sCL, sRJ, sCL, sCL, sCL, sCL, sCL, sCL, sCL, sCL},
829 * SHUTDOWN COMPLETE from server this should not happen. 301 },
830 */
831 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
832 },
833 /*
834 * State : IP_VS_SCTP_S_CLOSED
835 */
836 {{IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_CLI */ },
837 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_DATA_SER */ },
838 {IP_VS_SCTP_S_INIT_CLI /* IP_VS_SCTP_EVE_INIT_CLI */ },
839 {IP_VS_SCTP_S_INIT_SER /* IP_VS_SCTP_EVE_INIT_SER */ },
840 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
841 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
842 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
843 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
844 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
845 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
846 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_CLI */ },
847 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_ABORT_SER */ },
848 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_CLI */ },
849 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_SER */ },
850 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
851 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
852 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
853 {IP_VS_SCTP_S_CLOSED /* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
854 }
855}; 302};
856 303
857/* 304#define IP_VS_SCTP_MAX_RTO ((60 + 1) * HZ)
858 * Timeout table[state] 305
859 */ 306/* Timeout table[state] */
860static const int sctp_timeouts[IP_VS_SCTP_S_LAST + 1] = { 307static const int sctp_timeouts[IP_VS_SCTP_S_LAST + 1] = {
861 [IP_VS_SCTP_S_NONE] = 2 * HZ, 308 [IP_VS_SCTP_S_NONE] = 2 * HZ,
862 [IP_VS_SCTP_S_INIT_CLI] = 1 * 60 * HZ, 309 [IP_VS_SCTP_S_INIT1] = (0 + 3 + 1) * HZ,
863 [IP_VS_SCTP_S_INIT_SER] = 1 * 60 * HZ, 310 [IP_VS_SCTP_S_INIT] = IP_VS_SCTP_MAX_RTO,
864 [IP_VS_SCTP_S_INIT_ACK_CLI] = 1 * 60 * HZ, 311 [IP_VS_SCTP_S_COOKIE_SENT] = IP_VS_SCTP_MAX_RTO,
865 [IP_VS_SCTP_S_INIT_ACK_SER] = 1 * 60 * HZ, 312 [IP_VS_SCTP_S_COOKIE_REPLIED] = IP_VS_SCTP_MAX_RTO,
866 [IP_VS_SCTP_S_ECHO_CLI] = 1 * 60 * HZ, 313 [IP_VS_SCTP_S_COOKIE_WAIT] = IP_VS_SCTP_MAX_RTO,
867 [IP_VS_SCTP_S_ECHO_SER] = 1 * 60 * HZ, 314 [IP_VS_SCTP_S_COOKIE] = IP_VS_SCTP_MAX_RTO,
868 [IP_VS_SCTP_S_ESTABLISHED] = 15 * 60 * HZ, 315 [IP_VS_SCTP_S_COOKIE_ECHOED] = IP_VS_SCTP_MAX_RTO,
869 [IP_VS_SCTP_S_SHUT_CLI] = 1 * 60 * HZ, 316 [IP_VS_SCTP_S_ESTABLISHED] = 15 * 60 * HZ,
870 [IP_VS_SCTP_S_SHUT_SER] = 1 * 60 * HZ, 317 [IP_VS_SCTP_S_SHUTDOWN_SENT] = IP_VS_SCTP_MAX_RTO,
871 [IP_VS_SCTP_S_SHUT_ACK_CLI] = 1 * 60 * HZ, 318 [IP_VS_SCTP_S_SHUTDOWN_RECEIVED] = IP_VS_SCTP_MAX_RTO,
872 [IP_VS_SCTP_S_SHUT_ACK_SER] = 1 * 60 * HZ, 319 [IP_VS_SCTP_S_SHUTDOWN_ACK_SENT] = IP_VS_SCTP_MAX_RTO,
873 [IP_VS_SCTP_S_CLOSED] = 10 * HZ, 320 [IP_VS_SCTP_S_REJECTED] = (0 + 3 + 1) * HZ,
874 [IP_VS_SCTP_S_LAST] = 2 * HZ, 321 [IP_VS_SCTP_S_CLOSED] = IP_VS_SCTP_MAX_RTO,
322 [IP_VS_SCTP_S_LAST] = 2 * HZ,
875}; 323};
876 324
877static const char *sctp_state_name_table[IP_VS_SCTP_S_LAST + 1] = { 325static const char *sctp_state_name_table[IP_VS_SCTP_S_LAST + 1] = {
878 [IP_VS_SCTP_S_NONE] = "NONE", 326 [IP_VS_SCTP_S_NONE] = "NONE",
879 [IP_VS_SCTP_S_INIT_CLI] = "INIT_CLI", 327 [IP_VS_SCTP_S_INIT1] = "INIT1",
880 [IP_VS_SCTP_S_INIT_SER] = "INIT_SER", 328 [IP_VS_SCTP_S_INIT] = "INIT",
881 [IP_VS_SCTP_S_INIT_ACK_CLI] = "INIT_ACK_CLI", 329 [IP_VS_SCTP_S_COOKIE_SENT] = "C-SENT",
882 [IP_VS_SCTP_S_INIT_ACK_SER] = "INIT_ACK_SER", 330 [IP_VS_SCTP_S_COOKIE_REPLIED] = "C-REPLIED",
883 [IP_VS_SCTP_S_ECHO_CLI] = "COOKIE_ECHO_CLI", 331 [IP_VS_SCTP_S_COOKIE_WAIT] = "C-WAIT",
884 [IP_VS_SCTP_S_ECHO_SER] = "COOKIE_ECHO_SER", 332 [IP_VS_SCTP_S_COOKIE] = "COOKIE",
885 [IP_VS_SCTP_S_ESTABLISHED] = "ESTABISHED", 333 [IP_VS_SCTP_S_COOKIE_ECHOED] = "C-ECHOED",
886 [IP_VS_SCTP_S_SHUT_CLI] = "SHUTDOWN_CLI", 334 [IP_VS_SCTP_S_ESTABLISHED] = "ESTABLISHED",
887 [IP_VS_SCTP_S_SHUT_SER] = "SHUTDOWN_SER", 335 [IP_VS_SCTP_S_SHUTDOWN_SENT] = "S-SENT",
888 [IP_VS_SCTP_S_SHUT_ACK_CLI] = "SHUTDOWN_ACK_CLI", 336 [IP_VS_SCTP_S_SHUTDOWN_RECEIVED] = "S-RECEIVED",
889 [IP_VS_SCTP_S_SHUT_ACK_SER] = "SHUTDOWN_ACK_SER", 337 [IP_VS_SCTP_S_SHUTDOWN_ACK_SENT] = "S-ACK-SENT",
890 [IP_VS_SCTP_S_CLOSED] = "CLOSED", 338 [IP_VS_SCTP_S_REJECTED] = "REJECTED",
891 [IP_VS_SCTP_S_LAST] = "BUG!" 339 [IP_VS_SCTP_S_CLOSED] = "CLOSED",
340 [IP_VS_SCTP_S_LAST] = "BUG!",
892}; 341};
893 342
894 343
@@ -945,17 +394,20 @@ set_sctp_state(struct ip_vs_proto_data *pd, struct ip_vs_conn *cp,
945 } 394 }
946 } 395 }
947 396
948 event = sctp_events[chunk_type]; 397 event = (chunk_type < sizeof(sctp_events)) ?
398 sctp_events[chunk_type] : IP_VS_SCTP_DATA;
949 399
950 /* 400 /* Update direction to INPUT_ONLY if necessary
951 * If the direction is IP_VS_DIR_OUTPUT, this event is from server 401 * or delete NO_OUTPUT flag if output packet detected
952 */
953 if (direction == IP_VS_DIR_OUTPUT)
954 event++;
955 /*
956 * get next state
957 */ 402 */
958 next_state = sctp_states_table[cp->state][event].next_state; 403 if (cp->flags & IP_VS_CONN_F_NOOUTPUT) {
404 if (direction == IP_VS_DIR_OUTPUT)
405 cp->flags &= ~IP_VS_CONN_F_NOOUTPUT;
406 else
407 direction = IP_VS_DIR_INPUT_ONLY;
408 }
409
410 next_state = sctp_states[direction][event][cp->state];
959 411
960 if (next_state != cp->state) { 412 if (next_state != cp->state) {
961 struct ip_vs_dest *dest = cp->dest; 413 struct ip_vs_dest *dest = cp->dest;
diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c
index f6046d9af8d3..2fc66394d86d 100644
--- a/net/netfilter/ipvs/ip_vs_sync.c
+++ b/net/netfilter/ipvs/ip_vs_sync.c
@@ -461,9 +461,10 @@ static int ip_vs_sync_conn_needed(struct netns_ipvs *ipvs,
461 } else if (unlikely(cp->protocol == IPPROTO_SCTP)) { 461 } else if (unlikely(cp->protocol == IPPROTO_SCTP)) {
462 if (!((1 << cp->state) & 462 if (!((1 << cp->state) &
463 ((1 << IP_VS_SCTP_S_ESTABLISHED) | 463 ((1 << IP_VS_SCTP_S_ESTABLISHED) |
464 (1 << IP_VS_SCTP_S_CLOSED) | 464 (1 << IP_VS_SCTP_S_SHUTDOWN_SENT) |
465 (1 << IP_VS_SCTP_S_SHUT_ACK_CLI) | 465 (1 << IP_VS_SCTP_S_SHUTDOWN_RECEIVED) |
466 (1 << IP_VS_SCTP_S_SHUT_ACK_SER)))) 466 (1 << IP_VS_SCTP_S_SHUTDOWN_ACK_SENT) |
467 (1 << IP_VS_SCTP_S_CLOSED))))
467 return 0; 468 return 0;
468 force = cp->state != cp->old_state; 469 force = cp->state != cp->old_state;
469 if (force && cp->state != IP_VS_SCTP_S_ESTABLISHED) 470 if (force && cp->state != IP_VS_SCTP_S_ESTABLISHED)
generated by cgit v1.2.2 (git 2.25.0) at 2025-04-15 17:33:41 -0400