IPVS: Add ip_vs_route_me_harder() (ba4fd7e9) · Commits · e / devices / android_kernel_teracube_2e

net/netfilter/ipvs/ip_vs_core.c

+22 −26

Original line number	Original line	Diff line number	Diff line
	@@ -631,6 +631,24 @@ static inline int ip_vs_gather_frags_v6(struct sk_buff *skb, u_int32_t user)
	}		}
	#endif		#endif

			static int ip_vs_route_me_harder(int af, struct sk_buff *skb)
			{
			struct netns_ipvs *ipvs = net_ipvs(skb_net(skb));

			#ifdef CONFIG_IP_VS_IPV6
			if (af == AF_INET6) {
			if (ipvs->sysctl_snat_reroute && ip6_route_me_harder(skb) != 0)
			return 1;
			} else
			#endif
			if ((ipvs->sysctl_snat_reroute \|\|
			skb_rtable(skb)->rt_flags & RTCF_LOCAL) &&
			ip_route_me_harder(skb, RTN_LOCAL) != 0)
			return 1;

			return 0;
			}

	/*		/*
	* Packet has been made sufficiently writable in caller		* Packet has been made sufficiently writable in caller
	* - inout: 1=in->out, 0=out->in		* - inout: 1=in->out, 0=out->in
	@@ -737,7 +755,6 @@ static int handle_response_icmp(int af, struct sk_buff *skb,
	struct ip_vs_protocol *pp,		struct ip_vs_protocol *pp,
	unsigned int offset, unsigned int ihl)		unsigned int offset, unsigned int ihl)
	{		{
	struct netns_ipvs *ipvs;
	unsigned int verdict = NF_DROP;		unsigned int verdict = NF_DROP;

	if (IP_VS_FWD_METHOD(cp) != 0) {		if (IP_VS_FWD_METHOD(cp) != 0) {
	@@ -759,8 +776,6 @@ static int handle_response_icmp(int af, struct sk_buff *skb,
	if (!skb_make_writable(skb, offset))		if (!skb_make_writable(skb, offset))
	goto out;		goto out;

	ipvs = net_ipvs(skb_net(skb));

	#ifdef CONFIG_IP_VS_IPV6		#ifdef CONFIG_IP_VS_IPV6
	if (af == AF_INET6)		if (af == AF_INET6)
	ip_vs_nat_icmp_v6(skb, pp, cp, 1);		ip_vs_nat_icmp_v6(skb, pp, cp, 1);
	@@ -768,15 +783,7 @@ static int handle_response_icmp(int af, struct sk_buff *skb,
	#endif		#endif
	ip_vs_nat_icmp(skb, pp, cp, 1);		ip_vs_nat_icmp(skb, pp, cp, 1);

	#ifdef CONFIG_IP_VS_IPV6		if (ip_vs_route_me_harder(af, skb))
	if (af == AF_INET6) {
	if (ipvs->sysctl_snat_reroute && ip6_route_me_harder(skb) != 0)
	goto out;
	} else
	#endif
	if ((ipvs->sysctl_snat_reroute \|\|
	skb_rtable(skb)->rt_flags & RTCF_LOCAL) &&
	ip_route_me_harder(skb, RTN_LOCAL) != 0)
	goto out;		goto out;

	/* do the statistics and put it back */		/* do the statistics and put it back */
	@@ -985,7 +992,6 @@ handle_response(int af, struct sk_buff skb, struct ip_vs_proto_data pd,
	struct ip_vs_conn *cp, int ihl)		struct ip_vs_conn *cp, int ihl)
	{		{
	struct ip_vs_protocol *pp = pd->pp;		struct ip_vs_protocol *pp = pd->pp;
	struct netns_ipvs *ipvs;

	IP_VS_DBG_PKT(11, af, pp, skb, 0, "Outgoing packet");		IP_VS_DBG_PKT(11, af, pp, skb, 0, "Outgoing packet");

	@@ -1021,17 +1027,7 @@ handle_response(int af, struct sk_buff skb, struct ip_vs_proto_data pd,
	* if it came from this machine itself. So re-compute		* if it came from this machine itself. So re-compute
	* the routing information.		* the routing information.
	*/		*/
	ipvs = net_ipvs(skb_net(skb));		if (ip_vs_route_me_harder(af, skb))

	#ifdef CONFIG_IP_VS_IPV6
	if (af == AF_INET6) {
	if (ipvs->sysctl_snat_reroute && ip6_route_me_harder(skb) != 0)
	goto drop;
	} else
	#endif
	if ((ipvs->sysctl_snat_reroute \|\|
	skb_rtable(skb)->rt_flags & RTCF_LOCAL) &&
	ip_route_me_harder(skb, RTN_LOCAL) != 0)
	goto drop;		goto drop;

	IP_VS_DBG_PKT(10, af, pp, skb, 0, "After SNAT");		IP_VS_DBG_PKT(10, af, pp, skb, 0, "After SNAT");