From f71499aa11f884255b69ce6c3b3c398c821591a1 Mon Sep 17 00:00:00 2001 From: Simon Horman Date: Sun, 22 Aug 2010 21:37:54 +0900 Subject: IPVS: Fallback if persistence engine fails Fall back to normal persistence handling if the persistence engine fails to recognise a packet. This way, at least the packet will go somewhere. It is envisaged that iptables could be used to block packets such if this is not desired although nf_conntrack_sip would likely need to be enhanced first. Signed-off-by: Simon Horman Acked-by: Julian Anastasov --- net/netfilter/ipvs/ip_vs_conn.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'net/netfilter/ipvs/ip_vs_conn.c') diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c index 4adedefdf563..1d1a529dbe24 100644 --- a/net/netfilter/ipvs/ip_vs_conn.c +++ b/net/netfilter/ipvs/ip_vs_conn.c @@ -154,7 +154,7 @@ static unsigned int ip_vs_conn_hashkey_param(const struct ip_vs_conn_param *p, const union nf_inet_addr *addr; __be16 port; - if (p->pe && p->pe->hashkey_raw) + if (p->pe_data && p->pe->hashkey_raw) return p->pe->hashkey_raw(p, ip_vs_conn_rnd, inverse) & ip_vs_conn_tab_mask; @@ -353,7 +353,7 @@ struct ip_vs_conn *ip_vs_ct_in_get(const struct ip_vs_conn_param *p) ct_read_lock(hash); list_for_each_entry(cp, &ip_vs_conn_tab[hash], c_list) { - if (p->pe && p->pe->ct_match) { + if (p->pe_data && p->pe->ct_match) { if (p->pe->ct_match(p, cp)) goto out; continue; @@ -956,7 +956,7 @@ static int ip_vs_conn_seq_show(struct seq_file *seq, void *v) char pe_data[IP_VS_PENAME_MAXLEN + IP_VS_PEDATA_MAXLEN + 3]; size_t len = 0; - if (cp->dest && cp->dest->svc->pe && + if (cp->dest && cp->pe_data && cp->dest->svc->pe->show_pe_data) { pe_data[0] = ' '; len = strlen(cp->dest->svc->pe->name); -- cgit v1.2.3