aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/net/ip_vs.h53
1 files changed, 41 insertions, 12 deletions
diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h
index 6e8a6192e574..b7bbd6c28cfa 100644
--- a/include/net/ip_vs.h
+++ b/include/net/ip_vs.h
@@ -25,7 +25,7 @@
25#include <linux/ip.h> 25#include <linux/ip.h>
26#include <linux/ipv6.h> /* for struct ipv6hdr */ 26#include <linux/ipv6.h> /* for struct ipv6hdr */
27#include <net/ipv6.h> /* for ipv6_addr_copy */ 27#include <net/ipv6.h> /* for ipv6_addr_copy */
28#ifdef CONFIG_IP_VS_NFCT 28#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
29#include <net/netfilter/nf_conntrack.h> 29#include <net/netfilter/nf_conntrack.h>
30#endif 30#endif
31 31
@@ -136,24 +136,24 @@ static inline const char *ip_vs_dbg_addr(int af, char *buf, size_t buf_len,
136 if (net_ratelimit()) \ 136 if (net_ratelimit()) \
137 printk(KERN_DEBUG pr_fmt(msg), ##__VA_ARGS__); \ 137 printk(KERN_DEBUG pr_fmt(msg), ##__VA_ARGS__); \
138 } while (0) 138 } while (0)
139#define IP_VS_DBG_PKT(level, pp, skb, ofs, msg) \ 139#define IP_VS_DBG_PKT(level, af, pp, skb, ofs, msg) \
140 do { \ 140 do { \
141 if (level <= ip_vs_get_debug_level()) \ 141 if (level <= ip_vs_get_debug_level()) \
142 pp->debug_packet(pp, skb, ofs, msg); \ 142 pp->debug_packet(af, pp, skb, ofs, msg); \
143 } while (0) 143 } while (0)
144#define IP_VS_DBG_RL_PKT(level, pp, skb, ofs, msg) \ 144#define IP_VS_DBG_RL_PKT(level, af, pp, skb, ofs, msg) \
145 do { \ 145 do { \
146 if (level <= ip_vs_get_debug_level() && \ 146 if (level <= ip_vs_get_debug_level() && \
147 net_ratelimit()) \ 147 net_ratelimit()) \
148 pp->debug_packet(pp, skb, ofs, msg); \ 148 pp->debug_packet(af, pp, skb, ofs, msg); \
149 } while (0) 149 } while (0)
150#else /* NO DEBUGGING at ALL */ 150#else /* NO DEBUGGING at ALL */
151#define IP_VS_DBG_BUF(level, msg...) do {} while (0) 151#define IP_VS_DBG_BUF(level, msg...) do {} while (0)
152#define IP_VS_ERR_BUF(msg...) do {} while (0) 152#define IP_VS_ERR_BUF(msg...) do {} while (0)
153#define IP_VS_DBG(level, msg...) do {} while (0) 153#define IP_VS_DBG(level, msg...) do {} while (0)
154#define IP_VS_DBG_RL(msg...) do {} while (0) 154#define IP_VS_DBG_RL(msg...) do {} while (0)
155#define IP_VS_DBG_PKT(level, pp, skb, ofs, msg) do {} while (0) 155#define IP_VS_DBG_PKT(level, af, pp, skb, ofs, msg) do {} while (0)
156#define IP_VS_DBG_RL_PKT(level, pp, skb, ofs, msg) do {} while (0) 156#define IP_VS_DBG_RL_PKT(level, af, pp, skb, ofs, msg) do {} while (0)
157#endif 157#endif
158 158
159#define IP_VS_BUG() BUG() 159#define IP_VS_BUG() BUG()
@@ -345,7 +345,7 @@ struct ip_vs_protocol {
345 345
346 int (*app_conn_bind)(struct ip_vs_conn *cp); 346 int (*app_conn_bind)(struct ip_vs_conn *cp);
347 347
348 void (*debug_packet)(struct ip_vs_protocol *pp, 348 void (*debug_packet)(int af, struct ip_vs_protocol *pp,
349 const struct sk_buff *skb, 349 const struct sk_buff *skb,
350 int offset, 350 int offset,
351 const char *msg); 351 const char *msg);
@@ -409,6 +409,7 @@ struct ip_vs_conn {
409 /* packet transmitter for different forwarding methods. If it 409 /* packet transmitter for different forwarding methods. If it
410 mangles the packet, it must return NF_DROP or better NF_STOLEN, 410 mangles the packet, it must return NF_DROP or better NF_STOLEN,
411 otherwise this must be changed to a sk_buff **. 411 otherwise this must be changed to a sk_buff **.
412 NF_ACCEPT can be returned when destination is local.
412 */ 413 */
413 int (*packet_xmit)(struct sk_buff *skb, struct ip_vs_conn *cp, 414 int (*packet_xmit)(struct sk_buff *skb, struct ip_vs_conn *cp,
414 struct ip_vs_protocol *pp); 415 struct ip_vs_protocol *pp);
@@ -597,11 +598,19 @@ struct ip_vs_app {
597 __be16 port; /* port number in net order */ 598 __be16 port; /* port number in net order */
598 atomic_t usecnt; /* usage counter */ 599 atomic_t usecnt; /* usage counter */
599 600
600 /* output hook: return false if can't linearize. diff set for TCP. */ 601 /*
602 * output hook: Process packet in inout direction, diff set for TCP.
603 * Return: 0=Error, 1=Payload Not Mangled/Mangled but checksum is ok,
604 * 2=Mangled but checksum was not updated
605 */
601 int (*pkt_out)(struct ip_vs_app *, struct ip_vs_conn *, 606 int (*pkt_out)(struct ip_vs_app *, struct ip_vs_conn *,
602 struct sk_buff *, int *diff); 607 struct sk_buff *, int *diff);
603 608
604 /* input hook: return false if can't linearize. diff set for TCP. */ 609 /*
610 * input hook: Process packet in outin direction, diff set for TCP.
611 * Return: 0=Error, 1=Payload Not Mangled/Mangled but checksum is ok,
612 * 2=Mangled but checksum was not updated
613 */
605 int (*pkt_in)(struct ip_vs_app *, struct ip_vs_conn *, 614 int (*pkt_in)(struct ip_vs_app *, struct ip_vs_conn *,
606 struct sk_buff *, int *diff); 615 struct sk_buff *, int *diff);
607 616
@@ -819,7 +828,8 @@ extern int
819ip_vs_set_state_timeout(int *table, int num, const char *const *names, 828ip_vs_set_state_timeout(int *table, int num, const char *const *names,
820 const char *name, int to); 829 const char *name, int to);
821extern void 830extern void
822ip_vs_tcpudp_debug_packet(struct ip_vs_protocol *pp, const struct sk_buff *skb, 831ip_vs_tcpudp_debug_packet(int af, struct ip_vs_protocol *pp,
832 const struct sk_buff *skb,
823 int offset, const char *msg); 833 int offset, const char *msg);
824 834
825extern struct ip_vs_protocol ip_vs_protocol_tcp; 835extern struct ip_vs_protocol ip_vs_protocol_tcp;
@@ -841,7 +851,8 @@ extern int ip_vs_unbind_scheduler(struct ip_vs_service *svc);
841extern struct ip_vs_scheduler *ip_vs_scheduler_get(const char *sched_name); 851extern struct ip_vs_scheduler *ip_vs_scheduler_get(const char *sched_name);
842extern void ip_vs_scheduler_put(struct ip_vs_scheduler *scheduler); 852extern void ip_vs_scheduler_put(struct ip_vs_scheduler *scheduler);
843extern struct ip_vs_conn * 853extern struct ip_vs_conn *
844ip_vs_schedule(struct ip_vs_service *svc, struct sk_buff *skb); 854ip_vs_schedule(struct ip_vs_service *svc, struct sk_buff *skb,
855 struct ip_vs_protocol *pp, int *ignored);
845extern int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb, 856extern int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb,
846 struct ip_vs_protocol *pp); 857 struct ip_vs_protocol *pp);
847 858
@@ -1013,6 +1024,24 @@ static inline __wsum ip_vs_check_diff2(__be16 old, __be16 new, __wsum oldsum)
1013 return csum_partial(diff, sizeof(diff), oldsum); 1024 return csum_partial(diff, sizeof(diff), oldsum);
1014} 1025}
1015 1026
1027/*
1028 * Forget current conntrack (unconfirmed) and attach notrack entry
1029 */
1030static inline void ip_vs_notrack(struct sk_buff *skb)
1031{
1032#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
1033 enum ip_conntrack_info ctinfo;
1034 struct nf_conn *ct = ct = nf_ct_get(skb, &ctinfo);
1035
1036 if (!ct || !nf_ct_is_untracked(ct)) {
1037 nf_reset(skb);
1038 skb->nfct = &nf_ct_untracked_get()->ct_general;
1039 skb->nfctinfo = IP_CT_NEW;
1040 nf_conntrack_get(skb->nfct);
1041 }
1042#endif
1043}
1044
1016#ifdef CONFIG_IP_VS_NFCT 1045#ifdef CONFIG_IP_VS_NFCT
1017/* 1046/*
1018 * Netfilter connection tracking 1047 * Netfilter connection tracking