LXR linux/include/net/ip

   1/*
   2 *      IP Virtual Server
   3 *      data structure and functionality definitions
   4 */
   5
   6#ifndef _NET_IP_VS_H
   7#define _NET_IP_VS_H
   8
   9#include <linux/ip_vs.h>                /* definitions shared with userland */
  10
  11/* old ipvsadm versions still include this file directly */
  12#ifdef __KERNEL__
  13
  14#include <asm/types.h>                  /* for __uXX types */
  15
  16#include <linux/sysctl.h>               /* for ctl_path */
  17#include <linux/list.h>                 /* for struct list_head */
  18#include <linux/spinlock.h>             /* for struct rwlock_t */
  19#include <asm/atomic.h>                 /* for struct atomic_t */
  20#include <linux/compiler.h>
  21#include <linux/timer.h>
  22
  23#include <net/checksum.h>
  24#include <linux/netfilter.h>            /* for union nf_inet_addr */
  25#include <linux/ip.h>
  26#include <linux/ipv6.h>                 /* for struct ipv6hdr */
  27#include <net/ipv6.h>                   /* for ipv6_addr_copy */
  28
  29struct ip_vs_iphdr {
  30        int len;
  31        __u8 protocol;
  32        union nf_inet_addr saddr;
  33        union nf_inet_addr daddr;
  34};
  35
  36static inline void
  37ip_vs_fill_iphdr(int af, const void *nh, struct ip_vs_iphdr *iphdr)
  38{
  39#ifdef CONFIG_IP_VS_IPV6
  40        if (af == AF_INET6) {
  41                const struct ipv6hdr *iph = nh;
  42                iphdr->len = sizeof(struct ipv6hdr);
  43                iphdr->protocol = iph->nexthdr;
  44                ipv6_addr_copy(&iphdr->saddr.in6, &iph->saddr);
  45                ipv6_addr_copy(&iphdr->daddr.in6, &iph->daddr);
  46        } else
  47#endif
  48        {
  49                const struct iphdr *iph = nh;
  50                iphdr->len = iph->ihl * 4;
  51                iphdr->protocol = iph->protocol;
  52                iphdr->saddr.ip = iph->saddr;
  53                iphdr->daddr.ip = iph->daddr;
  54        }
  55}
  56
  57static inline void ip_vs_addr_copy(int af, union nf_inet_addr *dst,
  58                                   const union nf_inet_addr *src)
  59{
  60#ifdef CONFIG_IP_VS_IPV6
  61        if (af == AF_INET6)
  62                ipv6_addr_copy(&dst->in6, &src->in6);
  63        else
  64#endif
  65        dst->ip = src->ip;
  66}
  67
  68static inline int ip_vs_addr_equal(int af, const union nf_inet_addr *a,
  69                                   const union nf_inet_addr *b)
  70{
  71#ifdef CONFIG_IP_VS_IPV6
  72        if (af == AF_INET6)
  73                return ipv6_addr_equal(&a->in6, &b->in6);
  74#endif
  75        return a->ip == b->ip;
  76}
  77
  78#ifdef CONFIG_IP_VS_DEBUG
  79#include <linux/net.h>
  80
  81extern int ip_vs_get_debug_level(void);
  82
  83static inline const char *ip_vs_dbg_addr(int af, char *buf, size_t buf_len,
  84                                         const union nf_inet_addr *addr,
  85                                         int *idx)
  86{
  87        int len;
  88#ifdef CONFIG_IP_VS_IPV6
  89        if (af == AF_INET6)
  90                len = snprintf(&buf[*idx], buf_len - *idx, "[%pI6]",
  91                               &addr->in6) + 1;
  92        else
  93#endif
  94                len = snprintf(&buf[*idx], buf_len - *idx, "%pI4",
  95                               &addr->ip) + 1;
  96
  97        *idx += len;
  98        BUG_ON(*idx > buf_len + 1);
  99        return &buf[*idx - len];
 100}
 101
 102#define IP_VS_DBG_BUF(level, msg...)                    \
 103    do {                                                \
 104            char ip_vs_dbg_buf[160];                    \
 105            int ip_vs_dbg_idx = 0;                      \
 106            if (level <= ip_vs_get_debug_level())       \
 107                    printk(KERN_DEBUG "IPVS: " msg);    \
 108    } while (0)
 109#define IP_VS_ERR_BUF(msg...)                           \
 110    do {                                                \
 111            char ip_vs_dbg_buf[160];                    \
 112            int ip_vs_dbg_idx = 0;                      \
 113            printk(KERN_ERR "IPVS: " msg);              \
 114    } while (0)
 115
 116/* Only use from within IP_VS_DBG_BUF() or IP_VS_ERR_BUF macros */
 117#define IP_VS_DBG_ADDR(af, addr)                        \
 118    ip_vs_dbg_addr(af, ip_vs_dbg_buf,                   \
 119                   sizeof(ip_vs_dbg_buf), addr,         \
 120                   &ip_vs_dbg_idx)
 121
 122#define IP_VS_DBG(level, msg...)                        \
 123    do {                                                \
 124            if (level <= ip_vs_get_debug_level())       \
 125                    printk(KERN_DEBUG "IPVS: " msg);    \
 126    } while (0)
 127#define IP_VS_DBG_RL(msg...)                            \
 128    do {                                                \
 129            if (net_ratelimit())                        \
 130                    printk(KERN_DEBUG "IPVS: " msg);    \
 131    } while (0)
 132#define IP_VS_DBG_PKT(level, pp, skb, ofs, msg)         \
 133    do {                                                \
 134            if (level <= ip_vs_get_debug_level())       \
 135                pp->debug_packet(pp, skb, ofs, msg);    \
 136    } while (0)
 137#define IP_VS_DBG_RL_PKT(level, pp, skb, ofs, msg)      \
 138    do {                                                \
 139            if (level <= ip_vs_get_debug_level() &&     \
 140                net_ratelimit())                        \
 141                pp->debug_packet(pp, skb, ofs, msg);    \
 142    } while (0)
 143#else   /* NO DEBUGGING at ALL */
 144#define IP_VS_DBG_BUF(level, msg...)  do {} while (0)
 145#define IP_VS_ERR_BUF(msg...)  do {} while (0)
 146#define IP_VS_DBG(level, msg...)  do {} while (0)
 147#define IP_VS_DBG_RL(msg...)  do {} while (0)
 148#define IP_VS_DBG_PKT(level, pp, skb, ofs, msg)         do {} while (0)
 149#define IP_VS_DBG_RL_PKT(level, pp, skb, ofs, msg)      do {} while (0)
 150#endif
 151
 152#define IP_VS_BUG() BUG()
 153#define IP_VS_ERR(msg...) printk(KERN_ERR "IPVS: " msg)
 154#define IP_VS_INFO(msg...) printk(KERN_INFO "IPVS: " msg)
 155#define IP_VS_WARNING(msg...) \
 156        printk(KERN_WARNING "IPVS: " msg)
 157#define IP_VS_ERR_RL(msg...)                            \
 158    do {                                                \
 159            if (net_ratelimit())                        \
 160                    printk(KERN_ERR "IPVS: " msg);      \
 161    } while (0)
 162
 163#ifdef CONFIG_IP_VS_DEBUG
 164#define EnterFunction(level)                                            \
 165    do {                                                                \
 166            if (level <= ip_vs_get_debug_level())                       \
 167                    printk(KERN_DEBUG "Enter: %s, %s line %i\n",        \
 168                           __func__, __FILE__, __LINE__);               \
 169    } while (0)
 170#define LeaveFunction(level)                                            \
 171    do {                                                                \
 172            if (level <= ip_vs_get_debug_level())                       \
 173                        printk(KERN_DEBUG "Leave: %s, %s line %i\n",    \
 174                               __func__, __FILE__, __LINE__);       \
 175    } while (0)
 176#else
 177#define EnterFunction(level)   do {} while (0)
 178#define LeaveFunction(level)   do {} while (0)
 179#endif
 180
 181#define IP_VS_WAIT_WHILE(expr)  while (expr) { cpu_relax(); }
 182
 183
 184/*
 185 *      The port number of FTP service (in network order).
 186 */
 187#define FTPPORT  __constant_htons(21)
 188#define FTPDATA  __constant_htons(20)
 189
 190/*
 191 *      TCP State Values
 192 */
 193enum {
 194        IP_VS_TCP_S_NONE = 0,
 195        IP_VS_TCP_S_ESTABLISHED,
 196        IP_VS_TCP_S_SYN_SENT,
 197        IP_VS_TCP_S_SYN_RECV,
 198        IP_VS_TCP_S_FIN_WAIT,
 199        IP_VS_TCP_S_TIME_WAIT,
 200        IP_VS_TCP_S_CLOSE,
 201        IP_VS_TCP_S_CLOSE_WAIT,
 202        IP_VS_TCP_S_LAST_ACK,
 203        IP_VS_TCP_S_LISTEN,
 204        IP_VS_TCP_S_SYNACK,
 205        IP_VS_TCP_S_LAST
 206};
 207
 208/*
 209 *      UDP State Values
 210 */
 211enum {
 212        IP_VS_UDP_S_NORMAL,
 213        IP_VS_UDP_S_LAST,
 214};
 215
 216/*
 217 *      ICMP State Values
 218 */
 219enum {
 220        IP_VS_ICMP_S_NORMAL,
 221        IP_VS_ICMP_S_LAST,
 222};
 223
 224/*
 225 *      Delta sequence info structure
 226 *      Each ip_vs_conn has 2 (output AND input seq. changes).
 227 *      Only used in the VS/NAT.
 228 */
 229struct ip_vs_seq {
 230        __u32                   init_seq;       /* Add delta from this seq */
 231        __u32                   delta;          /* Delta in sequence numbers */
 232        __u32                   previous_delta; /* Delta in sequence numbers
 233                                                   before last resized pkt */
 234};
 235
 236
 237/*
 238 *      IPVS statistics objects
 239 */
 240struct ip_vs_estimator {
 241        struct list_head        list;
 242
 243        u64                     last_inbytes;
 244        u64                     last_outbytes;
 245        u32                     last_conns;
 246        u32                     last_inpkts;
 247        u32                     last_outpkts;
 248
 249        u32                     cps;
 250        u32                     inpps;
 251        u32                     outpps;
 252        u32                     inbps;
 253        u32                     outbps;
 254};
 255
 256struct ip_vs_stats
 257{
 258        struct ip_vs_stats_user ustats;         /* statistics */
 259        struct ip_vs_estimator  est;            /* estimator */
 260
 261        spinlock_t              lock;           /* spin lock */
 262};
 263
 264struct dst_entry;
 265struct iphdr;
 266struct ip_vs_conn;
 267struct ip_vs_app;
 268struct sk_buff;
 269
 270struct ip_vs_protocol {
 271        struct ip_vs_protocol   *next;
 272        char                    *name;
 273        u16                     protocol;
 274        u16                     num_states;
 275        int                     dont_defrag;
 276        atomic_t                appcnt;         /* counter of proto app incs */
 277        int                     *timeout_table; /* protocol timeout table */
 278
 279        void (*init)(struct ip_vs_protocol *pp);
 280
 281        void (*exit)(struct ip_vs_protocol *pp);
 282
 283        int (*conn_schedule)(int af, struct sk_buff *skb,
 284                             struct ip_vs_protocol *pp,
 285                             int *verdict, struct ip_vs_conn **cpp);
 286
 287        struct ip_vs_conn *
 288        (*conn_in_get)(int af,
 289                       const struct sk_buff *skb,
 290                       struct ip_vs_protocol *pp,
 291                       const struct ip_vs_iphdr *iph,
 292                       unsigned int proto_off,
 293                       int inverse);
 294
 295        struct ip_vs_conn *
 296        (*conn_out_get)(int af,
 297                        const struct sk_buff *skb,
 298                        struct ip_vs_protocol *pp,
 299                        const struct ip_vs_iphdr *iph,
 300                        unsigned int proto_off,
 301                        int inverse);
 302
 303        int (*snat_handler)(struct sk_buff *skb,
 304                            struct ip_vs_protocol *pp, struct ip_vs_conn *cp);
 305
 306        int (*dnat_handler)(struct sk_buff *skb,
 307                            struct ip_vs_protocol *pp, struct ip_vs_conn *cp);
 308
 309        int (*csum_check)(int af, struct sk_buff *skb,
 310                          struct ip_vs_protocol *pp);
 311
 312        const char *(*state_name)(int state);
 313
 314        int (*state_transition)(struct ip_vs_conn *cp, int direction,
 315                                const struct sk_buff *skb,
 316                                struct ip_vs_protocol *pp);
 317
 318        int (*register_app)(struct ip_vs_app *inc);
 319
 320        void (*unregister_app)(struct ip_vs_app *inc);
 321
 322        int (*app_conn_bind)(struct ip_vs_conn *cp);
 323
 324        void (*debug_packet)(struct ip_vs_protocol *pp,
 325                             const struct sk_buff *skb,
 326                             int offset,
 327                             const char *msg);
 328
 329        void (*timeout_change)(struct ip_vs_protocol *pp, int flags);
 330
 331        int (*set_state_timeout)(struct ip_vs_protocol *pp, char *sname, int to);
 332};
 333
 334extern struct ip_vs_protocol * ip_vs_proto_get(unsigned short proto);
 335
 336/*
 337 *      IP_VS structure allocated for each dynamically scheduled connection
 338 */
 339struct ip_vs_conn {
 340        struct list_head        c_list;         /* hashed list heads */
 341
 342        /* Protocol, addresses and port numbers */
 343        u16                      af;            /* address family */
 344        union nf_inet_addr       caddr;          /* client address */
 345        union nf_inet_addr       vaddr;          /* virtual address */
 346        union nf_inet_addr       daddr;          /* destination address */
 347        __be16                   cport;
 348        __be16                   vport;
 349        __be16                   dport;
 350        __u16                   protocol;       /* Which protocol (TCP/UDP) */
 351
 352        /* counter and timer */
 353        atomic_t                refcnt;         /* reference count */
 354        struct timer_list       timer;          /* Expiration timer */
 355        volatile unsigned long  timeout;        /* timeout */
 356
 357        /* Flags and state transition */
 358        spinlock_t              lock;           /* lock for state transition */
 359        volatile __u16          flags;          /* status flags */
 360        volatile __u16          state;          /* state info */
 361        volatile __u16          old_state;      /* old state, to be used for
 362                                                 * state transition triggerd
 363                                                 * synchronization
 364                                                 */
 365
 366        /* Control members */
 367        struct ip_vs_conn       *control;       /* Master control connection */
 368        atomic_t                n_control;      /* Number of controlled ones */
 369        struct ip_vs_dest       *dest;          /* real server */
 370        atomic_t                in_pkts;        /* incoming packet counter */
 371
 372        /* packet transmitter for different forwarding methods.  If it
 373           mangles the packet, it must return NF_DROP or better NF_STOLEN,
 374           otherwise this must be changed to a sk_buff **.
 375         */
 376        int (*packet_xmit)(struct sk_buff *skb, struct ip_vs_conn *cp,
 377                           struct ip_vs_protocol *pp);
 378
 379        /* Note: we can group the following members into a structure,
 380           in order to save more space, and the following members are
 381           only used in VS/NAT anyway */
 382        struct ip_vs_app        *app;           /* bound ip_vs_app object */
 383        void                    *app_data;      /* Application private data */
 384        struct ip_vs_seq        in_seq;         /* incoming seq. struct */
 385        struct ip_vs_seq        out_seq;        /* outgoing seq. struct */
 386};
 387
 388
 389/*
 390 *      Extended internal versions of struct ip_vs_service_user and
 391 *      ip_vs_dest_user for IPv6 support.
 392 *
 393 *      We need these to conveniently pass around service and destination
 394 *      options, but unfortunately, we also need to keep the old definitions to
 395 *      maintain userspace backwards compatibility for the setsockopt interface.
 396 */
 397struct ip_vs_service_user_kern {
 398        /* virtual service addresses */
 399        u16                     af;
 400        u16                     protocol;
 401        union nf_inet_addr      addr;           /* virtual ip address */
 402        u16                     port;
 403        u32                     fwmark;         /* firwall mark of service */
 404
 405        /* virtual service options */
 406        char                    *sched_name;
 407        unsigned                flags;          /* virtual service flags */
 408        unsigned                timeout;        /* persistent timeout in sec */
 409        u32                     netmask;        /* persistent netmask */
 410};
 411
 412
 413struct ip_vs_dest_user_kern {
 414        /* destination server address */
 415        union nf_inet_addr      addr;
 416        u16                     port;
 417
 418        /* real server options */
 419        unsigned                conn_flags;     /* connection flags */
 420        int                     weight;         /* destination weight */
 421
 422        /* thresholds for active connections */
 423        u32                     u_threshold;    /* upper threshold */
 424        u32                     l_threshold;    /* lower threshold */
 425};
 426
 427
 428/*
 429 *      The information about the virtual service offered to the net
 430 *      and the forwarding entries
 431 */
 432struct ip_vs_service {
 433        struct list_head        s_list;   /* for normal service table */
 434        struct list_head        f_list;   /* for fwmark-based service table */
 435        atomic_t                refcnt;   /* reference counter */
 436        atomic_t                usecnt;   /* use counter */
 437
 438        u16                     af;       /* address family */
 439        __u16                   protocol; /* which protocol (TCP/UDP) */
 440        union nf_inet_addr      addr;     /* IP address for virtual service */
 441        __be16                  port;     /* port number for the service */
 442        __u32                   fwmark;   /* firewall mark of the service */
 443        unsigned                flags;    /* service status flags */
 444        unsigned                timeout;  /* persistent timeout in ticks */
 445        __be32                  netmask;  /* grouping granularity */
 446
 447        struct list_head        destinations;  /* real server d-linked list */
 448        __u32                   num_dests;     /* number of servers */
 449        struct ip_vs_stats      stats;         /* statistics for the service */
 450        struct ip_vs_app        *inc;     /* bind conns to this app inc */
 451
 452        /* for scheduling */
 453        struct ip_vs_scheduler  *scheduler;    /* bound scheduler object */
 454        rwlock_t                sched_lock;    /* lock sched_data */
 455        void                    *sched_data;   /* scheduler application data */
 456};
 457
 458
 459/*
 460 *      The real server destination forwarding entry
 461 *      with ip address, port number, and so on.
 462 */
 463struct ip_vs_dest {
 464        struct list_head        n_list;   /* for the dests in the service */
 465        struct list_head        d_list;   /* for table with all the dests */
 466
 467        u16                     af;             /* address family */
 468        union nf_inet_addr      addr;           /* IP address of the server */
 469        __be16                  port;           /* port number of the server */
 470        volatile unsigned       flags;          /* dest status flags */
 471        atomic_t                conn_flags;     /* flags to copy to conn */
 472        atomic_t                weight;         /* server weight */
 473
 474        atomic_t                refcnt;         /* reference counter */
 475        struct ip_vs_stats      stats;          /* statistics */
 476
 477        /* connection counters and thresholds */
 478        atomic_t                activeconns;    /* active connections */
 479        atomic_t                inactconns;     /* inactive connections */
 480        atomic_t                persistconns;   /* persistent connections */
 481        __u32                   u_threshold;    /* upper threshold */
 482        __u32                   l_threshold;    /* lower threshold */
 483
 484        /* for destination cache */
 485        spinlock_t              dst_lock;       /* lock of dst_cache */
 486        struct dst_entry        *dst_cache;     /* destination cache entry */
 487        u32                     dst_rtos;       /* RT_TOS(tos) for dst */
 488
 489        /* for virtual service */
 490        struct ip_vs_service    *svc;           /* service it belongs to */
 491        __u16                   protocol;       /* which protocol (TCP/UDP) */
 492        union nf_inet_addr      vaddr;          /* virtual IP address */
 493        __be16                  vport;          /* virtual port number */
 494        __u32                   vfwmark;        /* firewall mark of service */
 495};
 496
 497
 498/*
 499 *      The scheduler object
 500 */
 501struct ip_vs_scheduler {
 502        struct list_head        n_list;         /* d-linked list head */
 503        char                    *name;          /* scheduler name */
 504        atomic_t                refcnt;         /* reference counter */
 505        struct module           *module;        /* THIS_MODULE/NULL */
 506
 507        /* scheduler initializing service */
 508        int (*init_service)(struct ip_vs_service *svc);
 509        /* scheduling service finish */
 510        int (*done_service)(struct ip_vs_service *svc);
 511        /* scheduler updating service */
 512        int (*update_service)(struct ip_vs_service *svc);
 513
 514        /* selecting a server from the given service */
 515        struct ip_vs_dest* (*schedule)(struct ip_vs_service *svc,
 516                                       const struct sk_buff *skb);
 517};
 518
 519
 520/*
 521 *      The application module object (a.k.a. app incarnation)
 522 */
 523struct ip_vs_app
 524{
 525        struct list_head        a_list;         /* member in app list */
 526        int                     type;           /* IP_VS_APP_TYPE_xxx */
 527        char                    *name;          /* application module name */
 528        __u16                   protocol;
 529        struct module           *module;        /* THIS_MODULE/NULL */
 530        struct list_head        incs_list;      /* list of incarnations */
 531
 532        /* members for application incarnations */
 533        struct list_head        p_list;         /* member in proto app list */
 534        struct ip_vs_app        *app;           /* its real application */
 535        __be16                  port;           /* port number in net order */
 536        atomic_t                usecnt;         /* usage counter */
 537
 538        /* output hook: return false if can't linearize. diff set for TCP.  */
 539        int (*pkt_out)(struct ip_vs_app *, struct ip_vs_conn *,
 540                       struct sk_buff *, int *diff);
 541
 542        /* input hook: return false if can't linearize. diff set for TCP. */
 543        int (*pkt_in)(struct ip_vs_app *, struct ip_vs_conn *,
 544                      struct sk_buff *, int *diff);
 545
 546        /* ip_vs_app initializer */
 547        int (*init_conn)(struct ip_vs_app *, struct ip_vs_conn *);
 548
 549        /* ip_vs_app finish */
 550        int (*done_conn)(struct ip_vs_app *, struct ip_vs_conn *);
 551
 552
 553        /* not used now */
 554        int (*bind_conn)(struct ip_vs_app *, struct ip_vs_conn *,
 555                         struct ip_vs_protocol *);
 556
 557        void (*unbind_conn)(struct ip_vs_app *, struct ip_vs_conn *);
 558
 559        int *                   timeout_table;
 560        int *                   timeouts;
 561        int                     timeouts_size;
 562
 563        int (*conn_schedule)(struct sk_buff *skb, struct ip_vs_app *app,
 564                             int *verdict, struct ip_vs_conn **cpp);
 565
 566        struct ip_vs_conn *
 567        (*conn_in_get)(const struct sk_buff *skb, struct ip_vs_app *app,
 568                       const struct iphdr *iph, unsigned int proto_off,
 569                       int inverse);
 570
 571        struct ip_vs_conn *
 572        (*conn_out_get)(const struct sk_buff *skb, struct ip_vs_app *app,
 573                        const struct iphdr *iph, unsigned int proto_off,
 574                        int inverse);
 575
 576        int (*state_transition)(struct ip_vs_conn *cp, int direction,
 577                                const struct sk_buff *skb,
 578                                struct ip_vs_app *app);
 579
 580        void (*timeout_change)(struct ip_vs_app *app, int flags);
 581};
 582
 583
 584/*
 585 *      IPVS core functions
 586 *      (from ip_vs_core.c)
 587 */
 588extern const char *ip_vs_proto_name(unsigned proto);
 589extern void ip_vs_init_hash_table(struct list_head *table, int rows);
 590#define IP_VS_INIT_HASH_TABLE(t) ip_vs_init_hash_table((t), ARRAY_SIZE((t)))
 591
 592#define IP_VS_APP_TYPE_FTP      1
 593
 594/*
 595 *     ip_vs_conn handling functions
 596 *     (from ip_vs_conn.c)
 597 */
 598
 599/*
 600 *     IPVS connection entry hash table
 601 */
 602#ifndef CONFIG_IP_VS_TAB_BITS
 603#define CONFIG_IP_VS_TAB_BITS   12
 604#endif
 605
 606#define IP_VS_CONN_TAB_BITS     CONFIG_IP_VS_TAB_BITS
 607#define IP_VS_CONN_TAB_SIZE     (1 << IP_VS_CONN_TAB_BITS)
 608#define IP_VS_CONN_TAB_MASK     (IP_VS_CONN_TAB_SIZE - 1)
 609
 610enum {
 611        IP_VS_DIR_INPUT = 0,
 612        IP_VS_DIR_OUTPUT,
 613        IP_VS_DIR_INPUT_ONLY,
 614        IP_VS_DIR_LAST,
 615};
 616
 617extern struct ip_vs_conn *ip_vs_conn_in_get
 618(int af, int protocol, const union nf_inet_addr *s_addr, __be16 s_port,
 619 const union nf_inet_addr *d_addr, __be16 d_port);
 620
 621extern struct ip_vs_conn *ip_vs_ct_in_get
 622(int af, int protocol, const union nf_inet_addr *s_addr, __be16 s_port,
 623 const union nf_inet_addr *d_addr, __be16 d_port);
 624
 625extern struct ip_vs_conn *ip_vs_conn_out_get
 626(int af, int protocol, const union nf_inet_addr *s_addr, __be16 s_port,
 627 const union nf_inet_addr *d_addr, __be16 d_port);
 628
 629/* put back the conn without restarting its timer */
 630static inline void __ip_vs_conn_put(struct ip_vs_conn *cp)
 631{
 632        atomic_dec(&cp->refcnt);
 633}
 634extern void ip_vs_conn_put(struct ip_vs_conn *cp);
 635extern void ip_vs_conn_fill_cport(struct ip_vs_conn *cp, __be16 cport);
 636
 637extern struct ip_vs_conn *
 638ip_vs_conn_new(int af, int proto, const union nf_inet_addr *caddr, __be16 cport,
 639               const union nf_inet_addr *vaddr, __be16 vport,
 640               const union nf_inet_addr *daddr, __be16 dport, unsigned flags,
 641               struct ip_vs_dest *dest);
 642extern void ip_vs_conn_expire_now(struct ip_vs_conn *cp);
 643
 644extern const char * ip_vs_state_name(__u16 proto, int state);
 645
 646extern void ip_vs_tcp_conn_listen(struct ip_vs_conn *cp);
 647extern int ip_vs_check_template(struct ip_vs_conn *ct);
 648extern void ip_vs_random_dropentry(void);
 649extern int ip_vs_conn_init(void);
 650extern void ip_vs_conn_cleanup(void);
 651
 652static inline void ip_vs_control_del(struct ip_vs_conn *cp)
 653{
 654        struct ip_vs_conn *ctl_cp = cp->control;
 655        if (!ctl_cp) {
 656                IP_VS_ERR_BUF("request control DEL for uncontrolled: "
 657                              "%s:%d to %s:%d\n",
 658                              IP_VS_DBG_ADDR(cp->af, &cp->caddr),
 659                              ntohs(cp->cport),
 660                              IP_VS_DBG_ADDR(cp->af, &cp->vaddr),
 661                              ntohs(cp->vport));
 662
 663                return;
 664        }
 665
 666        IP_VS_DBG_BUF(7, "DELeting control for: "
 667                      "cp.dst=%s:%d ctl_cp.dst=%s:%d\n",
 668                      IP_VS_DBG_ADDR(cp->af, &cp->caddr),
 669                      ntohs(cp->cport),
 670                      IP_VS_DBG_ADDR(cp->af, &ctl_cp->caddr),
 671                      ntohs(ctl_cp->cport));
 672
 673        cp->control = NULL;
 674        if (atomic_read(&ctl_cp->n_control) == 0) {
 675                IP_VS_ERR_BUF("BUG control DEL with n=0 : "
 676                              "%s:%d to %s:%d\n",
 677                              IP_VS_DBG_ADDR(cp->af, &cp->caddr),
 678                              ntohs(cp->cport),
 679                              IP_VS_DBG_ADDR(cp->af, &cp->vaddr),
 680                              ntohs(cp->vport));
 681
 682                return;
 683        }
 684        atomic_dec(&ctl_cp->n_control);
 685}
 686
 687static inline void
 688ip_vs_control_add(struct ip_vs_conn *cp, struct ip_vs_conn *ctl_cp)
 689{
 690        if (cp->control) {
 691                IP_VS_ERR_BUF("request control ADD for already controlled: "
 692                              "%s:%d to %s:%d\n",
 693                              IP_VS_DBG_ADDR(cp->af, &cp->caddr),
 694                              ntohs(cp->cport),
 695                              IP_VS_DBG_ADDR(cp->af, &cp->vaddr),
 696                              ntohs(cp->vport));
 697
 698                ip_vs_control_del(cp);
 699        }
 700
 701        IP_VS_DBG_BUF(7, "ADDing control for: "
 702                      "cp.dst=%s:%d ctl_cp.dst=%s:%d\n",
 703                      IP_VS_DBG_ADDR(cp->af, &cp->caddr),
 704                      ntohs(cp->cport),
 705                      IP_VS_DBG_ADDR(cp->af, &ctl_cp->caddr),
 706                      ntohs(ctl_cp->cport));
 707
 708        cp->control = ctl_cp;
 709        atomic_inc(&ctl_cp->n_control);
 710}
 711
 712
 713/*
 714 *      IPVS application functions
 715 *      (from ip_vs_app.c)
 716 */
 717#define IP_VS_APP_MAX_PORTS  8
 718extern int register_ip_vs_app(struct ip_vs_app *app);
 719extern void unregister_ip_vs_app(struct ip_vs_app *app);
 720extern int ip_vs_bind_app(struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 721extern void ip_vs_unbind_app(struct ip_vs_conn *cp);
 722extern int
 723register_ip_vs_app_inc(struct ip_vs_app *app, __u16 proto, __u16 port);
 724extern int ip_vs_app_inc_get(struct ip_vs_app *inc);
 725extern void ip_vs_app_inc_put(struct ip_vs_app *inc);
 726
 727extern int ip_vs_app_pkt_out(struct ip_vs_conn *, struct sk_buff *skb);
 728extern int ip_vs_app_pkt_in(struct ip_vs_conn *, struct sk_buff *skb);
 729extern int ip_vs_skb_replace(struct sk_buff *skb, gfp_t pri,
 730                             char *o_buf, int o_len, char *n_buf, int n_len);
 731extern int ip_vs_app_init(void);
 732extern void ip_vs_app_cleanup(void);
 733
 734
 735/*
 736 *      IPVS protocol functions (from ip_vs_proto.c)
 737 */
 738extern int ip_vs_protocol_init(void);
 739extern void ip_vs_protocol_cleanup(void);
 740extern void ip_vs_protocol_timeout_change(int flags);
 741extern int *ip_vs_create_timeout_table(int *table, int size);
 742extern int
 743ip_vs_set_state_timeout(int *table, int num, char **names, char *name, int to);
 744extern void
 745ip_vs_tcpudp_debug_packet(struct ip_vs_protocol *pp, const struct sk_buff *skb,
 746                          int offset, const char *msg);
 747
 748extern struct ip_vs_protocol ip_vs_protocol_tcp;
 749extern struct ip_vs_protocol ip_vs_protocol_udp;
 750extern struct ip_vs_protocol ip_vs_protocol_icmp;
 751extern struct ip_vs_protocol ip_vs_protocol_esp;
 752extern struct ip_vs_protocol ip_vs_protocol_ah;
 753
 754
 755/*
 756 *      Registering/unregistering scheduler functions
 757 *      (from ip_vs_sched.c)
 758 */
 759extern int register_ip_vs_scheduler(struct ip_vs_scheduler *scheduler);
 760extern int unregister_ip_vs_scheduler(struct ip_vs_scheduler *scheduler);
 761extern int ip_vs_bind_scheduler(struct ip_vs_service *svc,
 762                                struct ip_vs_scheduler *scheduler);
 763extern int ip_vs_unbind_scheduler(struct ip_vs_service *svc);
 764extern struct ip_vs_scheduler *ip_vs_scheduler_get(const char *sched_name);
 765extern void ip_vs_scheduler_put(struct ip_vs_scheduler *scheduler);
 766extern struct ip_vs_conn *
 767ip_vs_schedule(struct ip_vs_service *svc, const struct sk_buff *skb);
 768extern int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb,
 769                        struct ip_vs_protocol *pp);
 770
 771
 772/*
 773 *      IPVS control data and functions (from ip_vs_ctl.c)
 774 */
 775extern int sysctl_ip_vs_cache_bypass;
 776extern int sysctl_ip_vs_expire_nodest_conn;
 777extern int sysctl_ip_vs_expire_quiescent_template;
 778extern int sysctl_ip_vs_sync_threshold[2];
 779extern int sysctl_ip_vs_nat_icmp_send;
 780extern struct ip_vs_stats ip_vs_stats;
 781extern const struct ctl_path net_vs_ctl_path[];
 782
 783extern struct ip_vs_service *
 784ip_vs_service_get(int af, __u32 fwmark, __u16 protocol,
 785                  const union nf_inet_addr *vaddr, __be16 vport);
 786
 787static inline void ip_vs_service_put(struct ip_vs_service *svc)
 788{
 789        atomic_dec(&svc->usecnt);
 790}
 791
 792extern struct ip_vs_dest *
 793ip_vs_lookup_real_service(int af, __u16 protocol,
 794                          const union nf_inet_addr *daddr, __be16 dport);
 795
 796extern int ip_vs_use_count_inc(void);
 797extern void ip_vs_use_count_dec(void);
 798extern int ip_vs_control_init(void);
 799extern void ip_vs_control_cleanup(void);
 800extern struct ip_vs_dest *
 801ip_vs_find_dest(int af, const union nf_inet_addr *daddr, __be16 dport,
 802                const union nf_inet_addr *vaddr, __be16 vport, __u16 protocol);
 803extern struct ip_vs_dest *ip_vs_try_bind_dest(struct ip_vs_conn *cp);
 804
 805
 806/*
 807 *      IPVS sync daemon data and function prototypes
 808 *      (from ip_vs_sync.c)
 809 */
 810extern volatile int ip_vs_sync_state;
 811extern volatile int ip_vs_master_syncid;
 812extern volatile int ip_vs_backup_syncid;
 813extern char ip_vs_master_mcast_ifn[IP_VS_IFNAME_MAXLEN];
 814extern char ip_vs_backup_mcast_ifn[IP_VS_IFNAME_MAXLEN];
 815extern int start_sync_thread(int state, char *mcast_ifn, __u8 syncid);
 816extern int stop_sync_thread(int state);
 817extern void ip_vs_sync_conn(struct ip_vs_conn *cp);
 818
 819
 820/*
 821 *      IPVS rate estimator prototypes (from ip_vs_est.c)
 822 */
 823extern int ip_vs_estimator_init(void);
 824extern void ip_vs_estimator_cleanup(void);
 825extern void ip_vs_new_estimator(struct ip_vs_stats *stats);
 826extern void ip_vs_kill_estimator(struct ip_vs_stats *stats);
 827extern void ip_vs_zero_estimator(struct ip_vs_stats *stats);
 828
 829/*
 830 *      Various IPVS packet transmitters (from ip_vs_xmit.c)
 831 */
 832extern int ip_vs_null_xmit
 833(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 834extern int ip_vs_bypass_xmit
 835(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 836extern int ip_vs_nat_xmit
 837(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 838extern int ip_vs_tunnel_xmit
 839(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 840extern int ip_vs_dr_xmit
 841(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 842extern int ip_vs_icmp_xmit
 843(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp, int offset);
 844extern void ip_vs_dst_reset(struct ip_vs_dest *dest);
 845
 846#ifdef CONFIG_IP_VS_IPV6
 847extern int ip_vs_bypass_xmit_v6
 848(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 849extern int ip_vs_nat_xmit_v6
 850(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 851extern int ip_vs_tunnel_xmit_v6
 852(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 853extern int ip_vs_dr_xmit_v6
 854(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 855extern int ip_vs_icmp_xmit_v6
 856(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp,
 857 int offset);
 858#endif
 859
 860/*
 861 *      This is a simple mechanism to ignore packets when
 862 *      we are loaded. Just set ip_vs_drop_rate to 'n' and
 863 *      we start to drop 1/rate of the packets
 864 */
 865extern int ip_vs_drop_rate;
 866extern int ip_vs_drop_counter;
 867
 868static __inline__ int ip_vs_todrop(void)
 869{
 870        if (!ip_vs_drop_rate) return 0;
 871        if (--ip_vs_drop_counter > 0) return 0;
 872        ip_vs_drop_counter = ip_vs_drop_rate;
 873        return 1;
 874}
 875
 876/*
 877 *      ip_vs_fwd_tag returns the forwarding tag of the connection
 878 */
 879#define IP_VS_FWD_METHOD(cp)  (cp->flags & IP_VS_CONN_F_FWD_MASK)
 880
 881static inline char ip_vs_fwd_tag(struct ip_vs_conn *cp)
 882{
 883        char fwd;
 884
 885        switch (IP_VS_FWD_METHOD(cp)) {
 886        case IP_VS_CONN_F_MASQ:
 887                fwd = 'M'; break;
 888        case IP_VS_CONN_F_LOCALNODE:
 889                fwd = 'L'; break;
 890        case IP_VS_CONN_F_TUNNEL:
 891                fwd = 'T'; break;
 892        case IP_VS_CONN_F_DROUTE:
 893                fwd = 'R'; break;
 894        case IP_VS_CONN_F_BYPASS:
 895                fwd = 'B'; break;
 896        default:
 897                fwd = '?'; break;
 898        }
 899        return fwd;
 900}
 901
 902extern void ip_vs_nat_icmp(struct sk_buff *skb, struct ip_vs_protocol *pp,
 903                           struct ip_vs_conn *cp, int dir);
 904
 905#ifdef CONFIG_IP_VS_IPV6
 906extern void ip_vs_nat_icmp_v6(struct sk_buff *skb, struct ip_vs_protocol *pp,
 907                              struct ip_vs_conn *cp, int dir);
 908#endif
 909
 910extern __sum16 ip_vs_checksum_complete(struct sk_buff *skb, int offset);
 911
 912static inline __wsum ip_vs_check_diff4(__be32 old, __be32 new, __wsum oldsum)
 913{
 914        __be32 diff[2] = { ~old, new };
 915
 916        return csum_partial(diff, sizeof(diff), oldsum);
 917}
 918
 919#ifdef CONFIG_IP_VS_IPV6
 920static inline __wsum ip_vs_check_diff16(const __be32 *old, const __be32 *new,
 921                                        __wsum oldsum)
 922{
 923        __be32 diff[8] = { ~old[3], ~old[2], ~old[1], ~old[0],
 924                            new[3],  new[2],  new[1],  new[0] };
 925
 926        return csum_partial(diff, sizeof(diff), oldsum);
 927}
 928#endif
 929
 930static inline __wsum ip_vs_check_diff2(__be16 old, __be16 new, __wsum oldsum)
 931{
 932        __be16 diff[2] = { ~old, new };
 933
 934        return csum_partial(diff, sizeof(diff), oldsum);
 935}
 936
 937#endif /* __KERNEL__ */
 938
 939#endif  /* _NET_IP_VS_H */
 940