struct ip_vs_protocol *next;
char *name;
__u16 protocol;
- int minhlen;
- int minhlen_icmp;
int dont_defrag;
- int skip_nonexisting;
- int slave; /* if controlled by others */
atomic_t appcnt; /* counter of proto app incs */
int *timeout_table; /* protocol timeout table */
struct ip_vs_dest *dest; /* real server */
atomic_t in_pkts; /* incoming packet counter */
- /* packet transmitter for different forwarding methods */
+ /* packet transmitter for different forwarding methods. If it
+ mangles the packet, it must return NF_DROP or NF_STOLEN, otherwise
+ this must be changed to a sk_buff **.
+ */
int (*packet_xmit)(struct sk_buff *skb, struct ip_vs_conn *cp,
struct ip_vs_protocol *pp);
/* Is the embedded protocol header present? */
if (unlikely(ciph.frag_off & __constant_htons(IP_OFFSET) &&
- (pp->minhlen || pp->dont_defrag)))
+ pp->dont_defrag))
return NF_ACCEPT;
IP_VS_DBG_PKT(11, pp, skb, offset, "Checking outgoing ICMP for");
/* Is the embedded protocol header present? */
if (unlikely(ciph.frag_off & __constant_htons(IP_OFFSET) &&
- (pp->minhlen || pp->dont_defrag)))
+ pp->dont_defrag))
return NF_ACCEPT;
IP_VS_DBG_PKT(11, pp, skb, offset, "Checking incoming ICMP for");
if (!cp) {
/*
* We are not sure if the packet is from our
- * service, so the caller should check skip_nonexisting
+ * service, so our conn_schedule hook should return NF_ACCEPT
*/
IP_VS_DBG(12, "Unknown ISAKMP entry for outin packet "
"%s%s %u.%u.%u.%u->%u.%u.%u.%u\n",
- inverse?"ICMP+":"",
+ inverse ? "ICMP+" : "",
pp->name,
NIPQUAD(iph->saddr),
NIPQUAD(iph->daddr));
}
if (!cp) {
- /*
- * We are not sure if the packet is from our
- * service, so the caller should check skip_nonexisting
- * or our conn_schedule hook should return NF_ACCEPT
- */
IP_VS_DBG(12, "Unknown ISAKMP entry for inout packet "
"%s%s %u.%u.%u.%u->%u.%u.%u.%u\n",
inverse ? "ICMP+" : "",
struct ip_vs_protocol ip_vs_protocol_ah = {
.name = "AH",
.protocol = IPPROTO_AH,
- .minhlen = 0,
- .minhlen_icmp = 0,
.dont_defrag = 1,
- .skip_nonexisting = 1,
- .slave = 1,
.init = ah_init,
.exit = ah_exit,
.conn_schedule = ah_conn_schedule,
.conn_out_get = ah_conn_out_get,
.snat_handler = NULL,
.dnat_handler = NULL,
+ .csum_check = NULL,
.state_transition = NULL,
.register_app = NULL,
.unregister_app = NULL,
.app_conn_bind = NULL,
- .csum_check = NULL,
.debug_packet = ah_debug_packet,
.timeout_change = NULL, /* ISAKMP */
.set_state_timeout = NULL,
if (!cp) {
/*
* We are not sure if the packet is from our
- * service, so the caller should check skip_nonexisting
+ * service, so our conn_schedule hook should return NF_ACCEPT
*/
IP_VS_DBG(12, "Unknown ISAKMP entry for outin packet "
"%s%s %u.%u.%u.%u->%u.%u.%u.%u\n",
}
if (!cp) {
- /*
- * We are not sure if the packet is from our
- * service, so the caller should check skip_nonexisting
- * or our conn_schedule hook should return NF_ACCEPT
- */
IP_VS_DBG(12, "Unknown ISAKMP entry for inout packet "
"%s%s %u.%u.%u.%u->%u.%u.%u.%u\n",
- inverse?"ICMP+":"",
+ inverse ? "ICMP+" : "",
pp->name,
NIPQUAD(iph->saddr),
NIPQUAD(iph->daddr));
struct ip_vs_protocol ip_vs_protocol_esp = {
.name = "ESP",
.protocol = IPPROTO_ESP,
- .minhlen = 0,
- .minhlen_icmp = 0,
.dont_defrag = 1,
- .skip_nonexisting = 1,
- .slave = 1,
.init = esp_init,
.exit = esp_exit,
.conn_schedule = esp_conn_schedule,
struct ip_vs_protocol ip_vs_protocol_icmp = {
.name = "ICMP",
.protocol = IPPROTO_ICMP,
- .minhlen = sizeof(struct icmphdr),
- .minhlen_icmp = 8,
.dont_defrag = 0,
- .skip_nonexisting = 0,
- .slave = 0,
.init = icmp_init,
.exit = icmp_exit,
.conn_schedule = icmp_conn_schedule,
if (unlikely(cp->app != NULL)) {
/* Some checks before mangling */
- if (pp->csum_check && !pp->slave && !pp->csum_check(*pskb, pp))
+ if (pp->csum_check && !pp->csum_check(*pskb, pp))
return 0;
/* Call application helper if needed */
if (unlikely(cp->app != NULL)) {
/* Some checks before mangling */
- if (pp->csum_check && !pp->slave && !pp->csum_check(*pskb, pp))
+ if (pp->csum_check && !pp->csum_check(*pskb, pp))
return 0;
/*
struct ip_vs_protocol ip_vs_protocol_tcp = {
.name = "TCP",
.protocol = IPPROTO_TCP,
- .minhlen = sizeof(struct tcphdr),
- .minhlen_icmp = 8,
.dont_defrag = 0,
- .skip_nonexisting = 0,
- .slave = 0,
.appcnt = ATOMIC_INIT(0),
.init = tcp_init,
.exit = tcp_exit,
if (unlikely(cp->app != NULL)) {
/* Some checks before mangling */
- if (pp->csum_check && !pp->slave && !pp->csum_check(*pskb, pp))
+ if (pp->csum_check && !pp->csum_check(*pskb, pp))
return 0;
/*
if (unlikely(cp->app != NULL)) {
/* Some checks before mangling */
- if (pp->csum_check && !pp->slave && !pp->csum_check(*pskb, pp))
+ if (pp->csum_check && !pp->csum_check(*pskb, pp))
return 0;
/*
struct ip_vs_protocol ip_vs_protocol_udp = {
.name = "UDP",
.protocol = IPPROTO_UDP,
- .minhlen = sizeof(struct udphdr),
- .minhlen_icmp = 8,
.dont_defrag = 0,
- .skip_nonexisting = 0,
- .slave = 0,
.init = udp_init,
.exit = udp_exit,
.conn_schedule = udp_conn_schedule,
projects / history.git / commitdiff