Commit f71499aa authored by Simon Horman's avatar Simon Horman

IPVS: Fallback if persistence engine fails

Fall back to normal persistence handling if the persistence
engine fails to recognise a packet.

This way, at least the packet will go somewhere.

It is envisaged that iptables could be used to block packets
such if this is not desired although nf_conntrack_sip would
likely need to be enhanced first.
Signed-off-by: default avatarSimon Horman <horms@verge.net.au>
Acked-by: default avatarJulian Anastasov <ja@ssi.bg>
parent 0d1e71b0
...@@ -154,7 +154,7 @@ static unsigned int ip_vs_conn_hashkey_param(const struct ip_vs_conn_param *p, ...@@ -154,7 +154,7 @@ static unsigned int ip_vs_conn_hashkey_param(const struct ip_vs_conn_param *p,
const union nf_inet_addr *addr; const union nf_inet_addr *addr;
__be16 port; __be16 port;
if (p->pe && p->pe->hashkey_raw) if (p->pe_data && p->pe->hashkey_raw)
return p->pe->hashkey_raw(p, ip_vs_conn_rnd, inverse) & return p->pe->hashkey_raw(p, ip_vs_conn_rnd, inverse) &
ip_vs_conn_tab_mask; ip_vs_conn_tab_mask;
...@@ -353,7 +353,7 @@ struct ip_vs_conn *ip_vs_ct_in_get(const struct ip_vs_conn_param *p) ...@@ -353,7 +353,7 @@ struct ip_vs_conn *ip_vs_ct_in_get(const struct ip_vs_conn_param *p)
ct_read_lock(hash); ct_read_lock(hash);
list_for_each_entry(cp, &ip_vs_conn_tab[hash], c_list) { list_for_each_entry(cp, &ip_vs_conn_tab[hash], c_list) {
if (p->pe && p->pe->ct_match) { if (p->pe_data && p->pe->ct_match) {
if (p->pe->ct_match(p, cp)) if (p->pe->ct_match(p, cp))
goto out; goto out;
continue; continue;
...@@ -956,7 +956,7 @@ static int ip_vs_conn_seq_show(struct seq_file *seq, void *v) ...@@ -956,7 +956,7 @@ static int ip_vs_conn_seq_show(struct seq_file *seq, void *v)
char pe_data[IP_VS_PENAME_MAXLEN + IP_VS_PEDATA_MAXLEN + 3]; char pe_data[IP_VS_PENAME_MAXLEN + IP_VS_PEDATA_MAXLEN + 3];
size_t len = 0; size_t len = 0;
if (cp->dest && cp->dest->svc->pe && if (cp->dest && cp->pe_data &&
cp->dest->svc->pe->show_pe_data) { cp->dest->svc->pe->show_pe_data) {
pe_data[0] = ' '; pe_data[0] = ' ';
len = strlen(cp->dest->svc->pe->name); len = strlen(cp->dest->svc->pe->name);
......
...@@ -176,7 +176,7 @@ ip_vs_set_state(struct ip_vs_conn *cp, int direction, ...@@ -176,7 +176,7 @@ ip_vs_set_state(struct ip_vs_conn *cp, int direction,
return pp->state_transition(cp, direction, skb, pp); return pp->state_transition(cp, direction, skb, pp);
} }
static inline int static inline void
ip_vs_conn_fill_param_persist(const struct ip_vs_service *svc, ip_vs_conn_fill_param_persist(const struct ip_vs_service *svc,
struct sk_buff *skb, int protocol, struct sk_buff *skb, int protocol,
const union nf_inet_addr *caddr, __be16 cport, const union nf_inet_addr *caddr, __be16 cport,
...@@ -186,8 +186,7 @@ ip_vs_conn_fill_param_persist(const struct ip_vs_service *svc, ...@@ -186,8 +186,7 @@ ip_vs_conn_fill_param_persist(const struct ip_vs_service *svc,
ip_vs_conn_fill_param(svc->af, protocol, caddr, cport, vaddr, vport, p); ip_vs_conn_fill_param(svc->af, protocol, caddr, cport, vaddr, vport, p);
p->pe = svc->pe; p->pe = svc->pe;
if (p->pe && p->pe->fill_param) if (p->pe && p->pe->fill_param)
return p->pe->fill_param(p, skb); p->pe->fill_param(p, skb);
return 0;
} }
/* /*
...@@ -268,9 +267,8 @@ ip_vs_sched_persist(struct ip_vs_service *svc, ...@@ -268,9 +267,8 @@ ip_vs_sched_persist(struct ip_vs_service *svc,
vaddr = &fwmark; vaddr = &fwmark;
} }
} }
if (ip_vs_conn_fill_param_persist(svc, skb, protocol, &snet, 0, ip_vs_conn_fill_param_persist(svc, skb, protocol, &snet, 0,
vaddr, vport, &param)) vaddr, vport, &param);
return NULL;
} }
/* Check if a template already exists */ /* Check if a template already exists */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment