Commit 3e30e026 authored by David S. Miller's avatar David S. Miller

Merge nuts.davemloft.net:/disk1/BK/network-2.6

into nuts.davemloft.net:/disk1/BK/net-2.6
parents 9df1b883 5acf03f8
...@@ -1384,95 +1384,223 @@ proc_do_sync_threshold(ctl_table *table, int write, struct file *filp, ...@@ -1384,95 +1384,223 @@ proc_do_sync_threshold(ctl_table *table, int write, struct file *filp,
/* /*
* IPVS sysctl table (under the /proc/sys/net/ipv4/vs/) * IPVS sysctl table (under the /proc/sys/net/ipv4/vs/)
*/ */
struct ip_vs_sysctl_table {
struct ctl_table_header *sysctl_header;
ctl_table vs_vars[NET_IPV4_VS_LAST];
ctl_table vs_dir[2];
ctl_table ipv4_dir[2];
ctl_table root_dir[2];
};
static struct ip_vs_sysctl_table ipv4_vs_table = { static struct ctl_table vs_vars[] = {
NULL, {
{{NET_IPV4_VS_AMEMTHRESH, "amemthresh", .ctl_name = NET_IPV4_VS_AMEMTHRESH,
&sysctl_ip_vs_amemthresh, sizeof(int), 0644, NULL, .procname = "amemthresh",
&proc_dointvec}, .data = &sysctl_ip_vs_amemthresh,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec,
},
#ifdef CONFIG_IP_VS_DEBUG #ifdef CONFIG_IP_VS_DEBUG
{NET_IPV4_VS_DEBUG_LEVEL, "debug_level", {
&sysctl_ip_vs_debug_level, sizeof(int), 0644, NULL, .ctl_name = NET_IPV4_VS_DEBUG_LEVEL,
&proc_dointvec}, .procname = "debug_level",
.data = &sysctl_ip_vs_debug_level,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec,
},
#endif #endif
{NET_IPV4_VS_AMDROPRATE, "am_droprate", {
&sysctl_ip_vs_am_droprate, sizeof(int), 0644, NULL, .ctl_name = NET_IPV4_VS_AMDROPRATE,
&proc_dointvec}, .procname = "am_droprate",
{NET_IPV4_VS_DROP_ENTRY, "drop_entry", .data = &sysctl_ip_vs_am_droprate,
&sysctl_ip_vs_drop_entry, sizeof(int), 0644, NULL, .maxlen = sizeof(int),
&proc_do_defense_mode}, .mode = 0644,
{NET_IPV4_VS_DROP_PACKET, "drop_packet", .proc_handler = &proc_dointvec,
&sysctl_ip_vs_drop_packet, sizeof(int), 0644, NULL, },
&proc_do_defense_mode}, {
{NET_IPV4_VS_SECURE_TCP, "secure_tcp", .ctl_name = NET_IPV4_VS_DROP_ENTRY,
&sysctl_ip_vs_secure_tcp, sizeof(int), 0644, NULL, .procname = "drop_entry",
&proc_do_defense_mode}, .data = &sysctl_ip_vs_drop_entry,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_do_defense_mode,
},
{
.ctl_name = NET_IPV4_VS_DROP_PACKET,
.procname = "drop_packet",
.data = &sysctl_ip_vs_drop_packet,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_do_defense_mode,
},
{
.ctl_name = NET_IPV4_VS_SECURE_TCP,
.procname = "secure_tcp",
.data = &sysctl_ip_vs_secure_tcp,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_do_defense_mode,
},
#if 0 #if 0
{NET_IPV4_VS_TO_ES, "timeout_established", {
&vs_timeout_table_dos.timeout[IP_VS_S_ESTABLISHED], .ctl_name = NET_IPV4_VS_TO_ES,
sizeof(int), 0644, NULL, &proc_dointvec_jiffies}, .procname = "timeout_established",
{NET_IPV4_VS_TO_SS, "timeout_synsent", .data = &vs_timeout_table_dos.timeout[IP_VS_S_ESTABLISHED],
&vs_timeout_table_dos.timeout[IP_VS_S_SYN_SENT], .maxlen = sizeof(int),
sizeof(int), 0644, NULL, &proc_dointvec_jiffies}, .mode = 0644,
{NET_IPV4_VS_TO_SR, "timeout_synrecv", .proc_handler = &proc_dointvec_jiffies,
&vs_timeout_table_dos.timeout[IP_VS_S_SYN_RECV], },
sizeof(int), 0644, NULL, &proc_dointvec_jiffies}, {
{NET_IPV4_VS_TO_FW, "timeout_finwait", .ctl_name = NET_IPV4_VS_TO_SS,
&vs_timeout_table_dos.timeout[IP_VS_S_FIN_WAIT], .procname = "timeout_synsent",
sizeof(int), 0644, NULL, &proc_dointvec_jiffies}, .data = &vs_timeout_table_dos.timeout[IP_VS_S_SYN_SENT],
{NET_IPV4_VS_TO_TW, "timeout_timewait", .maxlen = sizeof(int),
&vs_timeout_table_dos.timeout[IP_VS_S_TIME_WAIT], .mode = 0644,
sizeof(int), 0644, NULL, &proc_dointvec_jiffies}, .proc_handler = &proc_dointvec_jiffies,
{NET_IPV4_VS_TO_CL, "timeout_close", },
&vs_timeout_table_dos.timeout[IP_VS_S_CLOSE], {
sizeof(int), 0644, NULL, &proc_dointvec_jiffies}, .ctl_name = NET_IPV4_VS_TO_SR,
{NET_IPV4_VS_TO_CW, "timeout_closewait", .procname = "timeout_synrecv",
&vs_timeout_table_dos.timeout[IP_VS_S_CLOSE_WAIT], .data = &vs_timeout_table_dos.timeout[IP_VS_S_SYN_RECV],
sizeof(int), 0644, NULL, &proc_dointvec_jiffies}, .maxlen = sizeof(int),
{NET_IPV4_VS_TO_LA, "timeout_lastack", .mode = 0644,
&vs_timeout_table_dos.timeout[IP_VS_S_LAST_ACK], .proc_handler = &proc_dointvec_jiffies,
sizeof(int), 0644, NULL, &proc_dointvec_jiffies}, },
{NET_IPV4_VS_TO_LI, "timeout_listen", {
&vs_timeout_table_dos.timeout[IP_VS_S_LISTEN], .ctl_name = NET_IPV4_VS_TO_FW,
sizeof(int), 0644, NULL, &proc_dointvec_jiffies}, .procname = "timeout_finwait",
{NET_IPV4_VS_TO_SA, "timeout_synack", .data = &vs_timeout_table_dos.timeout[IP_VS_S_FIN_WAIT],
&vs_timeout_table_dos.timeout[IP_VS_S_SYNACK], .maxlen = sizeof(int),
sizeof(int), 0644, NULL, &proc_dointvec_jiffies}, .mode = 0644,
{NET_IPV4_VS_TO_UDP, "timeout_udp", .proc_handler = &proc_dointvec_jiffies,
&vs_timeout_table_dos.timeout[IP_VS_S_UDP], },
sizeof(int), 0644, NULL, &proc_dointvec_jiffies}, {
{NET_IPV4_VS_TO_ICMP, "timeout_icmp", .ctl_name = NET_IPV4_VS_TO_TW,
&vs_timeout_table_dos.timeout[IP_VS_S_ICMP], .procname = "timeout_timewait",
sizeof(int), 0644, NULL, &proc_dointvec_jiffies}, .data = &vs_timeout_table_dos.timeout[IP_VS_S_TIME_WAIT],
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec_jiffies,
},
{
.ctl_name = NET_IPV4_VS_TO_CL,
.procname = "timeout_close",
.data = &vs_timeout_table_dos.timeout[IP_VS_S_CLOSE],
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec_jiffies,
},
{
.ctl_name = NET_IPV4_VS_TO_CW,
.procname = "timeout_closewait",
.data = &vs_timeout_table_dos.timeout[IP_VS_S_CLOSE_WAIT],
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec_jiffies,
},
{
.ctl_name = NET_IPV4_VS_TO_LA,
.procname = "timeout_lastack",
.data = &vs_timeout_table_dos.timeout[IP_VS_S_LAST_ACK],
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec_jiffies,
},
{
.ctl_name = NET_IPV4_VS_TO_LI,
.procname = "timeout_listen",
.data = &vs_timeout_table_dos.timeout[IP_VS_S_LISTEN],
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec_jiffies,
},
{
.ctl_name = NET_IPV4_VS_TO_SA,
.procname = "timeout_synack",
.data = &vs_timeout_table_dos.timeout[IP_VS_S_SYNACK],
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec_jiffies,
},
{
.ctl_name = NET_IPV4_VS_TO_UDP,
.procname = "timeout_udp",
.data = &vs_timeout_table_dos.timeout[IP_VS_S_UDP],
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec_jiffies,
},
{
.ctl_name = NET_IPV4_VS_TO_ICMP,
.procname = "timeout_icmp",
.data = &vs_timeout_table_dos.timeout[IP_VS_S_ICMP],
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec_jiffies,
},
#endif #endif
{NET_IPV4_VS_CACHE_BYPASS, "cache_bypass", {
&sysctl_ip_vs_cache_bypass, sizeof(int), 0644, NULL, .ctl_name = NET_IPV4_VS_CACHE_BYPASS,
&proc_dointvec}, .procname = "cache_bypass",
{NET_IPV4_VS_EXPIRE_NODEST_CONN, "expire_nodest_conn", .data = &sysctl_ip_vs_cache_bypass,
&sysctl_ip_vs_expire_nodest_conn, sizeof(int), 0644, NULL, .maxlen = sizeof(int),
&proc_dointvec}, .mode = 0644,
{NET_IPV4_VS_SYNC_THRESHOLD, "sync_threshold", .proc_handler = &proc_dointvec,
&sysctl_ip_vs_sync_threshold, sizeof(sysctl_ip_vs_sync_threshold), },
0644, NULL, &proc_do_sync_threshold}, {
{NET_IPV4_VS_NAT_ICMP_SEND, "nat_icmp_send", .ctl_name = NET_IPV4_VS_EXPIRE_NODEST_CONN,
&sysctl_ip_vs_nat_icmp_send, sizeof(int), 0644, NULL, .procname = "expire_nodest_conn",
&proc_dointvec}, .data = &sysctl_ip_vs_expire_nodest_conn,
{0}}, .maxlen = sizeof(int),
{{NET_IPV4_VS, "vs", NULL, 0, 0555, ipv4_vs_table.vs_vars}, .mode = 0644,
{0}}, .proc_handler = &proc_dointvec,
{{NET_IPV4, "ipv4", NULL, 0, 0555, ipv4_vs_table.vs_dir}, },
{0}}, {
{{CTL_NET, "net", NULL, 0, 0555, ipv4_vs_table.ipv4_dir}, .ctl_name = NET_IPV4_VS_SYNC_THRESHOLD,
{0}} .procname = "sync_threshold",
.data = &sysctl_ip_vs_sync_threshold,
.maxlen = sizeof(sysctl_ip_vs_sync_threshold),
.mode = 0644,
.proc_handler = &proc_do_sync_threshold,
},
{
.ctl_name = NET_IPV4_VS_NAT_ICMP_SEND,
.procname = "nat_icmp_send",
.data = &sysctl_ip_vs_nat_icmp_send,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec,
},
{ .ctl_name = 0 }
};
static ctl_table vs_table[] = {
{
.ctl_name = NET_IPV4_VS,
.procname = "vs",
.mode = 0555,
.child = vs_vars
},
{ .ctl_name = 0 }
};
static ctl_table ipv4_table[] = {
{
.ctl_name = NET_IPV4,
.procname = "ipv4",
.mode = 0555,
.child = vs_table,
},
{ .ctl_name = 0 }
}; };
static ctl_table vs_root_table[] = {
{
.ctl_name = CTL_NET,
.procname = "net",
.mode = 0555,
.child = ipv4_table,
},
{ .ctl_name = 0 }
};
static struct ctl_table_header * sysctl_header;
#ifdef CONFIG_PROC_FS #ifdef CONFIG_PROC_FS
struct ip_vs_iter { struct ip_vs_iter {
...@@ -2184,9 +2312,13 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) ...@@ -2184,9 +2312,13 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len)
static struct nf_sockopt_ops ip_vs_sockopts = { static struct nf_sockopt_ops ip_vs_sockopts = {
{ NULL, NULL }, PF_INET, .pf = PF_INET,
IP_VS_BASE_CTL, IP_VS_SO_SET_MAX+1, do_ip_vs_set_ctl, .set_optmin = IP_VS_BASE_CTL,
IP_VS_BASE_CTL, IP_VS_SO_GET_MAX+1, do_ip_vs_get_ctl .set_optmax = IP_VS_SO_SET_MAX+1,
.set = do_ip_vs_set_ctl,
.get_optmin = IP_VS_BASE_CTL,
.get_optmax = IP_VS_SO_GET_MAX+1,
.get = do_ip_vs_get_ctl,
}; };
...@@ -2206,8 +2338,7 @@ int ip_vs_control_init(void) ...@@ -2206,8 +2338,7 @@ int ip_vs_control_init(void)
proc_net_fops_create("ip_vs", 0, &ip_vs_info_fops); proc_net_fops_create("ip_vs", 0, &ip_vs_info_fops);
proc_net_fops_create("ip_vs_stats",0, &ip_vs_stats_fops); proc_net_fops_create("ip_vs_stats",0, &ip_vs_stats_fops);
ipv4_vs_table.sysctl_header = sysctl_header = register_sysctl_table(vs_root_table, 0);
register_sysctl_table(ipv4_vs_table.root_dir, 0);
/* Initialize ip_vs_svc_table, ip_vs_svc_fwm_table, ip_vs_rtable */ /* Initialize ip_vs_svc_table, ip_vs_svc_fwm_table, ip_vs_rtable */
for(idx = 0; idx < IP_VS_SVC_TAB_SIZE; idx++) { for(idx = 0; idx < IP_VS_SVC_TAB_SIZE; idx++) {
...@@ -2239,7 +2370,7 @@ void ip_vs_control_cleanup(void) ...@@ -2239,7 +2370,7 @@ void ip_vs_control_cleanup(void)
ip_vs_trash_cleanup(); ip_vs_trash_cleanup();
del_timer_sync(&defense_timer); del_timer_sync(&defense_timer);
ip_vs_kill_estimator(&ip_vs_stats); ip_vs_kill_estimator(&ip_vs_stats);
unregister_sysctl_table(ipv4_vs_table.sysctl_header); unregister_sysctl_table(sysctl_header);
proc_net_remove("ip_vs_stats"); proc_net_remove("ip_vs_stats");
proc_net_remove("ip_vs"); proc_net_remove("ip_vs");
nf_unregister_sockopt(&ip_vs_sockopts); nf_unregister_sockopt(&ip_vs_sockopts);
......
...@@ -108,29 +108,50 @@ struct ip_vs_lblc_table { ...@@ -108,29 +108,50 @@ struct ip_vs_lblc_table {
/* /*
* IPVS LBLC sysctl table * IPVS LBLC sysctl table
*/ */
struct ip_vs_lblc_sysctl_table {
struct ctl_table_header *sysctl_header; static ctl_table vs_vars_table[] = {
ctl_table vs_vars[2]; {
ctl_table vs_dir[2]; .ctl_name = NET_IPV4_VS_LBLC_EXPIRE,
ctl_table ipv4_dir[2]; .procname = "lblc_expiration",
ctl_table root_dir[2]; .data = &sysctl_ip_vs_lblc_expiration,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec_jiffies,
},
{ .ctl_name = 0 }
};
static ctl_table vs_table[] = {
{
.ctl_name = NET_IPV4_VS,
.procname = "vs",
.mode = 0555,
.child = vs_vars_table
},
{ .ctl_name = 0 }
}; };
static ctl_table ipv4_table[] = {
{
.ctl_name = NET_IPV4,
.procname = "ipv4",
.mode = 0555,
.child = vs_table
},
{ .ctl_name = 0 }
};
static struct ip_vs_lblc_sysctl_table lblc_sysctl_table = { static ctl_table lblc_root_table[] = {
NULL, {
{{NET_IPV4_VS_LBLC_EXPIRE, "lblc_expiration", .ctl_name = CTL_NET,
&sysctl_ip_vs_lblc_expiration, .procname = "net",
sizeof(int), 0644, NULL, &proc_dointvec_jiffies}, .mode = 0555,
{0}}, .child = ipv4_table
{{NET_IPV4_VS, "vs", NULL, 0, 0555, lblc_sysctl_table.vs_vars}, },
{0}}, { .ctl_name = 0 }
{{NET_IPV4, "ipv4", NULL, 0, 0555, lblc_sysctl_table.vs_dir},
{0}},
{{CTL_NET, "net", NULL, 0, 0555, lblc_sysctl_table.ipv4_dir},
{0}}
}; };
static struct ctl_table_header * sysctl_header;
/* /*
* new/free a ip_vs_lblc_entry, which is a mapping of a destionation * new/free a ip_vs_lblc_entry, which is a mapping of a destionation
...@@ -586,15 +607,14 @@ static struct ip_vs_scheduler ip_vs_lblc_scheduler = ...@@ -586,15 +607,14 @@ static struct ip_vs_scheduler ip_vs_lblc_scheduler =
static int __init ip_vs_lblc_init(void) static int __init ip_vs_lblc_init(void)
{ {
INIT_LIST_HEAD(&ip_vs_lblc_scheduler.n_list); INIT_LIST_HEAD(&ip_vs_lblc_scheduler.n_list);
lblc_sysctl_table.sysctl_header = sysctl_header = register_sysctl_table(lblc_root_table, 0);
register_sysctl_table(lblc_sysctl_table.root_dir, 0);
return register_ip_vs_scheduler(&ip_vs_lblc_scheduler); return register_ip_vs_scheduler(&ip_vs_lblc_scheduler);
} }
static void __exit ip_vs_lblc_cleanup(void) static void __exit ip_vs_lblc_cleanup(void)
{ {
unregister_sysctl_table(lblc_sysctl_table.sysctl_header); unregister_sysctl_table(sysctl_header);
unregister_ip_vs_scheduler(&ip_vs_lblc_scheduler); unregister_ip_vs_scheduler(&ip_vs_lblc_scheduler);
} }
......
...@@ -297,29 +297,50 @@ struct ip_vs_lblcr_table { ...@@ -297,29 +297,50 @@ struct ip_vs_lblcr_table {
/* /*
* IPVS LBLCR sysctl table * IPVS LBLCR sysctl table
*/ */
struct ip_vs_lblcr_sysctl_table {
struct ctl_table_header *sysctl_header; static ctl_table vs_vars_table[] = {
ctl_table vs_vars[2]; {
ctl_table vs_dir[2]; .ctl_name = NET_IPV4_VS_LBLCR_EXPIRE,
ctl_table ipv4_dir[2]; .procname = "lblcr_expiration",
ctl_table root_dir[2]; .data = &sysctl_ip_vs_lblcr_expiration,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec_jiffies,
},
{ .ctl_name = 0 }
};
static ctl_table vs_table[] = {
{
.ctl_name = NET_IPV4_VS,
.procname = "vs",
.mode = 0555,
.child = vs_vars_table
},
{ .ctl_name = 0 }
}; };
static ctl_table ipv4_table[] = {
{
.ctl_name = NET_IPV4,
.procname = "ipv4",
.mode = 0555,
.child = vs_table
},
{ .ctl_name = 0 }
};
static struct ip_vs_lblcr_sysctl_table lblcr_sysctl_table = { static ctl_table lblcr_root_table[] = {
NULL, {
{{NET_IPV4_VS_LBLCR_EXPIRE, "lblcr_expiration", .ctl_name = CTL_NET,
&sysctl_ip_vs_lblcr_expiration, .procname = "net",
sizeof(int), 0644, NULL, &proc_dointvec_jiffies}, .mode = 0555,
{0}}, .child = ipv4_table
{{NET_IPV4_VS, "vs", NULL, 0, 0555, lblcr_sysctl_table.vs_vars}, },
{0}}, { .ctl_name = 0 }
{{NET_IPV4, "ipv4", NULL, 0, 0555, lblcr_sysctl_table.vs_dir},
{0}},
{{CTL_NET, "net", NULL, 0, 0555, lblcr_sysctl_table.ipv4_dir},
{0}}
}; };
static struct ctl_table_header * sysctl_header;
/* /*
* new/free a ip_vs_lblcr_entry, which is a mapping of a destination * new/free a ip_vs_lblcr_entry, which is a mapping of a destination
...@@ -844,8 +865,7 @@ static struct ip_vs_scheduler ip_vs_lblcr_scheduler = ...@@ -844,8 +865,7 @@ static struct ip_vs_scheduler ip_vs_lblcr_scheduler =
static int __init ip_vs_lblcr_init(void) static int __init ip_vs_lblcr_init(void)
{ {
INIT_LIST_HEAD(&ip_vs_lblcr_scheduler.n_list); INIT_LIST_HEAD(&ip_vs_lblcr_scheduler.n_list);
lblcr_sysctl_table.sysctl_header = sysctl_header = register_sysctl_table(lblcr_root_table, 0);
register_sysctl_table(lblcr_sysctl_table.root_dir, 0);
#ifdef CONFIG_IP_VS_LBLCR_DEBUG #ifdef CONFIG_IP_VS_LBLCR_DEBUG
proc_net_create("ip_vs_lblcr", 0, ip_vs_lblcr_getinfo); proc_net_create("ip_vs_lblcr", 0, ip_vs_lblcr_getinfo);
#endif #endif
...@@ -858,7 +878,7 @@ static void __exit ip_vs_lblcr_cleanup(void) ...@@ -858,7 +878,7 @@ static void __exit ip_vs_lblcr_cleanup(void)
#ifdef CONFIG_IP_VS_LBLCR_DEBUG #ifdef CONFIG_IP_VS_LBLCR_DEBUG
proc_net_remove("ip_vs_lblcr"); proc_net_remove("ip_vs_lblcr");
#endif #endif
unregister_sysctl_table(lblcr_sysctl_table.sysctl_header); unregister_sysctl_table(sysctl_header);
unregister_ip_vs_scheduler(&ip_vs_lblcr_scheduler); unregister_ip_vs_scheduler(&ip_vs_lblcr_scheduler);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment