bbs.cooldavid.org Git - net-next-2.6.git/commit - net/netfilter/ipvs/ip_vs

author	Julian Anastasov <ja@ssi.bg>
	Sun, 17 Oct 2010 13:40:51 +0000 (16:40 +0300)
committer	Simon Horman <horms@verge.net.au>
	Thu, 21 Oct 2010 09:04:01 +0000 (11:04 +0200)
commit	cb59155f21d4c0507d2034c2953f6a3f7806913d
tree	33e07206b82254ee272cdcf7184467993ecbe8c7	tree \| snapshot (tar.bz2 tar.gz zip)
parent	fc604767613b6d2036cdc35b660bc39451040a47	commit \| diff

ipvs: changes for local client

This patch deals with local client processing.

Prefer LOCAL_OUT hook for scheduling connections from
local clients. LOCAL_IN is still supported if the packets are
not marked as processed in LOCAL_OUT. The idea to process
requests in LOCAL_OUT is to alter conntrack reply before
it is confirmed at POST_ROUTING. If the local requests are
processed in LOCAL_IN the conntrack can not be updated
and matching by state is impossible.

Add the following handlers:

- ip_vs_reply[46] at LOCAL_IN:99 to process replies from
remote real servers to local clients. Now when both
replies from remote real servers (ip_vs_reply*) and
local real servers (ip_vs_local_reply*) are handled
it is safe to remove the conn_out_get call from ip_vs_in
because it does not support related ICMP packets.

- ip_vs_local_request[46] at LOCAL_OUT:-98 to process
requests from local client

Handling in LOCAL_OUT causes some changes:

- as skb->dev, skb->protocol and skb->pkt_type are not defined
in LOCAL_OUT make sure we set skb->dev before calling icmpv6_send,
prefer skb_dst(skb) for struct net and remove the skb->protocol
checks from TUN transmitters.

[ horms@verge.net.au: removed trailing whitespace ]
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>

net/netfilter/ipvs/ip_vs_core.c		diff \| blob \| blame \| history
net/netfilter/ipvs/ip_vs_xmit.c		diff \| blob \| blame \| history