OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/net/ipv4
History
Julian Anastasov 87375ab47c [IPVS]: ip_vs_ftp breaks connections using persistence 
ip_vs_ftp when loaded can create NAT connections with unknown client
port for passive FTP. For such expectations we lookup with cport=0 on
incoming packet but it matches the format of the persistence templates
causing packets to other persistent virtual servers to be forwarded to
real server without creating connection. Later the reply packets are
treated as foreign and not SNAT-ed.

This patch changes the connection lookup for packets from clients:

* introduce IP_VS_CONN_F_TEMPLATE connection flag to mark the
  connection as template

* create new connection lookup function just for templates -
  ip_vs_ct_in_get

* make sure ip_vs_conn_in_get hits only connections with
  IP_VS_CONN_F_NO_CPORT flag set when s_port is 0. By this way
  we avoid returning template when looking for cport=0 (ftp)

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2005-09-14 21:08:51 -07:00
..
ipvs [IPVS]: ip_vs_ftp breaks connections using persistence 2005-09-14 21:08:51 -07:00
netfilter [NETFILTER]: Fix DHCP + MASQUERADE problem 2005-09-13 13:49:15 -07:00
Kconfig
Makefile
af_inet.c [IPV4] fib_trie: fix proc interface 2005-09-09 13:35:42 -07:00
ah4.c [CRYPTO]: crypto_free_tfm() callers no longer need to check for NULL 2005-09-01 17:44:29 -07:00
arp.c
datagram.c
devinet.c
esp4.c [CRYPTO]: crypto_free_tfm() callers no longer need to check for NULL 2005-09-01 17:44:29 -07:00
fib_frontend.c
fib_hash.c
fib_lookup.h
fib_rules.c
fib_semantics.c
fib_trie.c [IPV4] fib_trie: fix proc interface 2005-09-09 13:35:42 -07:00
icmp.c
igmp.c [MCAST]: Fix MCAST_EXCLUDE line dupes 2005-09-14 20:53:42 -07:00
inet_connection_sock.c
inet_diag.c
inet_hashtables.c
inet_timewait_sock.c
inetpeer.c [PATCH] timer initialization cleanup: DEFINE_TIMER 2005-09-09 14:03:48 -07:00
ip_forward.c
ip_fragment.c [IPV4]: Reassembly trim not clearing CHECKSUM_HW 2005-09-06 15:51:48 -07:00
ip_gre.c
ip_input.c
ip_options.c
ip_output.c
ip_sockglue.c
ipcomp.c [CRYPTO]: crypto_free_tfm() callers no longer need to check for NULL 2005-09-01 17:44:29 -07:00
ipconfig.c [NET]: fix-up schedule_timeout() usage 2005-09-12 14:15:34 -07:00
ipip.c
ipmr.c
multipath.c
multipath_drr.c
multipath_random.c
multipath_rr.c
multipath_wrandom.c
netfilter.c
proc.c
protocol.c
raw.c
route.c [IPV4]: Fix refcount damaging in net/ipv4/route.c 2005-09-08 13:34:47 -07:00
syncookies.c
sysctl_net_ipv4.c
tcp.c [TCP]: Fix TCP_OFF() bug check introduced by previous change. 2005-09-05 18:55:48 -07:00
tcp_bic.c
tcp_cong.c
tcp_diag.c
tcp_highspeed.c
tcp_htcp.c
tcp_hybla.c
tcp_input.c [TCP]: Compute in_sacked properly when we split up a TSO frame. 2005-09-14 20:50:35 -07:00
tcp_ipv4.c
tcp_minisocks.c
tcp_output.c [TCP]: Compute in_sacked properly when we split up a TSO frame. 2005-09-14 20:50:35 -07:00
tcp_scalable.c
tcp_timer.c
tcp_vegas.c
tcp_westwood.c
udp.c [IPV4] udp: trim forgets about CHECKSUM_HW 2005-09-08 12:32:21 -07:00
xfrm4_input.c
xfrm4_output.c
xfrm4_policy.c
xfrm4_state.c
xfrm4_tunnel.c