Commit ba4fd7e9 authored by Simon Horman's avatar Simon Horman

IPVS: Add ip_vs_route_me_harder()

Add ip_vs_route_me_harder() to avoid repeating the same code twice.
Signed-off-by: default avatarSimon Horman <horms@verge.net.au>
parent 6ef757f9
...@@ -631,6 +631,24 @@ static inline int ip_vs_gather_frags_v6(struct sk_buff *skb, u_int32_t user) ...@@ -631,6 +631,24 @@ static inline int ip_vs_gather_frags_v6(struct sk_buff *skb, u_int32_t user)
} }
#endif #endif
static int ip_vs_route_me_harder(int af, struct sk_buff *skb)
{
struct netns_ipvs *ipvs = net_ipvs(skb_net(skb));
#ifdef CONFIG_IP_VS_IPV6
if (af == AF_INET6) {
if (ipvs->sysctl_snat_reroute && ip6_route_me_harder(skb) != 0)
return 1;
} else
#endif
if ((ipvs->sysctl_snat_reroute ||
skb_rtable(skb)->rt_flags & RTCF_LOCAL) &&
ip_route_me_harder(skb, RTN_LOCAL) != 0)
return 1;
return 0;
}
/* /*
* Packet has been made sufficiently writable in caller * Packet has been made sufficiently writable in caller
* - inout: 1=in->out, 0=out->in * - inout: 1=in->out, 0=out->in
...@@ -737,7 +755,6 @@ static int handle_response_icmp(int af, struct sk_buff *skb, ...@@ -737,7 +755,6 @@ static int handle_response_icmp(int af, struct sk_buff *skb,
struct ip_vs_protocol *pp, struct ip_vs_protocol *pp,
unsigned int offset, unsigned int ihl) unsigned int offset, unsigned int ihl)
{ {
struct netns_ipvs *ipvs;
unsigned int verdict = NF_DROP; unsigned int verdict = NF_DROP;
if (IP_VS_FWD_METHOD(cp) != 0) { if (IP_VS_FWD_METHOD(cp) != 0) {
...@@ -759,8 +776,6 @@ static int handle_response_icmp(int af, struct sk_buff *skb, ...@@ -759,8 +776,6 @@ static int handle_response_icmp(int af, struct sk_buff *skb,
if (!skb_make_writable(skb, offset)) if (!skb_make_writable(skb, offset))
goto out; goto out;
ipvs = net_ipvs(skb_net(skb));
#ifdef CONFIG_IP_VS_IPV6 #ifdef CONFIG_IP_VS_IPV6
if (af == AF_INET6) if (af == AF_INET6)
ip_vs_nat_icmp_v6(skb, pp, cp, 1); ip_vs_nat_icmp_v6(skb, pp, cp, 1);
...@@ -768,15 +783,7 @@ static int handle_response_icmp(int af, struct sk_buff *skb, ...@@ -768,15 +783,7 @@ static int handle_response_icmp(int af, struct sk_buff *skb,
#endif #endif
ip_vs_nat_icmp(skb, pp, cp, 1); ip_vs_nat_icmp(skb, pp, cp, 1);
#ifdef CONFIG_IP_VS_IPV6 if (ip_vs_route_me_harder(af, skb))
if (af == AF_INET6) {
if (ipvs->sysctl_snat_reroute && ip6_route_me_harder(skb) != 0)
goto out;
} else
#endif
if ((ipvs->sysctl_snat_reroute ||
skb_rtable(skb)->rt_flags & RTCF_LOCAL) &&
ip_route_me_harder(skb, RTN_LOCAL) != 0)
goto out; goto out;
/* do the statistics and put it back */ /* do the statistics and put it back */
...@@ -985,7 +992,6 @@ handle_response(int af, struct sk_buff *skb, struct ip_vs_proto_data *pd, ...@@ -985,7 +992,6 @@ handle_response(int af, struct sk_buff *skb, struct ip_vs_proto_data *pd,
struct ip_vs_conn *cp, int ihl) struct ip_vs_conn *cp, int ihl)
{ {
struct ip_vs_protocol *pp = pd->pp; struct ip_vs_protocol *pp = pd->pp;
struct netns_ipvs *ipvs;
IP_VS_DBG_PKT(11, af, pp, skb, 0, "Outgoing packet"); IP_VS_DBG_PKT(11, af, pp, skb, 0, "Outgoing packet");
...@@ -1021,17 +1027,7 @@ handle_response(int af, struct sk_buff *skb, struct ip_vs_proto_data *pd, ...@@ -1021,17 +1027,7 @@ handle_response(int af, struct sk_buff *skb, struct ip_vs_proto_data *pd,
* if it came from this machine itself. So re-compute * if it came from this machine itself. So re-compute
* the routing information. * the routing information.
*/ */
ipvs = net_ipvs(skb_net(skb)); if (ip_vs_route_me_harder(af, skb))
#ifdef CONFIG_IP_VS_IPV6
if (af == AF_INET6) {
if (ipvs->sysctl_snat_reroute && ip6_route_me_harder(skb) != 0)
goto drop;
} else
#endif
if ((ipvs->sysctl_snat_reroute ||
skb_rtable(skb)->rt_flags & RTCF_LOCAL) &&
ip_route_me_harder(skb, RTN_LOCAL) != 0)
goto drop; goto drop;
IP_VS_DBG_PKT(10, af, pp, skb, 0, "After SNAT"); IP_VS_DBG_PKT(10, af, pp, skb, 0, "After SNAT");
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment