[PATCHv3 23/24] IPVS: Activate IPv6 Netfilter hooks

To:	netdev@xxxxxxxxxxxxxxx, lvs-devel@xxxxxxxxxxxxxxx
Subject:	[PATCHv3 23/24] IPVS: Activate IPv6 Netfilter hooks
Cc:	horms@xxxxxxxxxxxx, kaber@xxxxxxxxx, vbusam@xxxxxxxxxx, Julius Volz <juliusv@xxxxxxxxxx>
From:	Julius Volz <juliusv@xxxxxxxxxx>
Date:	Tue, 2 Sep 2008 15:55:54 +0200

To:

netdev@xxxxxxxxxxxxxxx, lvs-devel@xxxxxxxxxxxxxxx

Subject:

[PATCHv3 23/24] IPVS: Activate IPv6 Netfilter hooks

Cc:

horms@xxxxxxxxxxxx, kaber@xxxxxxxxx, vbusam@xxxxxxxxxx, Julius Volz <juliusv@xxxxxxxxxx>

From:

Julius Volz <juliusv@xxxxxxxxxx>

Date:

Tue, 2 Sep 2008 15:55:54 +0200

Register the previously defined or adapted netfilter hook functions for
IPv6 as PF_INET6 hooks.

Signed-off-by: Julius Volz <juliusv@xxxxxxxxxx>

 1 files changed, 37 insertions(+), 0 deletions(-)

diff --git a/net/ipv4/ipvs/ip_vs_core.c b/net/ipv4/ipvs/ip_vs_core.c
index 5a7a817..7d3de9d 100644
--- a/net/ipv4/ipvs/ip_vs_core.c
+++ b/net/ipv4/ipvs/ip_vs_core.c
@@ -1413,6 +1413,43 @@ static struct nf_hook_ops ip_vs_ops[] __read_mostly = {
                .hooknum        = NF_INET_POST_ROUTING,
                .priority       = NF_IP_PRI_NAT_SRC-1,
        },
+#ifdef CONFIG_IP_VS_IPV6
+       /* After packet filtering, forward packet through VS/DR, VS/TUN,
+        * or VS/NAT(change destination), so that filtering rules can be
+        * applied to IPVS. */
+       {
+               .hook           = ip_vs_in,
+               .owner          = THIS_MODULE,
+               .pf             = PF_INET6,
+               .hooknum        = NF_INET_LOCAL_IN,
+               .priority       = 100,
+       },
+       /* After packet filtering, change source only for VS/NAT */
+       {
+               .hook           = ip_vs_out,
+               .owner          = THIS_MODULE,
+               .pf             = PF_INET6,
+               .hooknum        = NF_INET_FORWARD,
+               .priority       = 100,
+       },
+       /* After packet filtering (but before ip_vs_out_icmp), catch icmp
+        * destined for 0.0.0.0/0, which is for incoming IPVS connections */
+       {
+               .hook           = ip_vs_forward_icmp_v6,
+               .owner          = THIS_MODULE,
+               .pf             = PF_INET6,
+               .hooknum        = NF_INET_FORWARD,
+               .priority       = 99,
+       },
+       /* Before the netfilter connection tracking, exit from POST_ROUTING */
+       {
+               .hook           = ip_vs_post_routing,
+               .owner          = THIS_MODULE,
+               .pf             = PF_INET6,
+               .hooknum        = NF_INET_POST_ROUTING,
+               .priority       = NF_IP6_PRI_NAT_SRC-1,
+       },
+#endif
 };
 
 
-- 
1.5.4.5

--
To unsubscribe from this list: send the line "unsubscribe lvs-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

<Prev in Thread]	Current Thread	[Next in Thread>
[PATCHv3 00/24] Add first IPv6 support to IPVS, (continued) [PATCHv3 00/24] Add first IPv6 support to IPVS, Julius Volz Re: [PATCHv3 00/24] Add first IPv6 support to IPVS, Julius Volz [PATCHv3 00/24] Add first IPv6 support to IPVS, Julius Volz [PATCHv3 03/24] IPVS: Add general v4/v6 helper functions / data structures, Julius Volz [PATCHv3 21/24] IPVS: Add function to determine if IPv6 address is local, Julius Volz [PATCH] ipvs: Reject ipv6 link-local addresses for destinations, Sven Wegener [PATCHv3 20/24] IPVS: Turn off FTP application helper for IPv6, Julius Volz [PATCHv3 13/24] IPVS: Add IPv6 support to xmit() support functions, Julius Volz [PATCHv3 10/24] IPVS: Add protocol debug functions for IPv6, Julius Volz [PATCH] ipvs: Mark tcp/udp v4 and v6 debug functions static, Sven Wegener [PATCHv3 23/24] IPVS: Activate IPv6 Netfilter hooks, Julius Volz <= [PATCHv3 18/24] IPVS: Convert procfs files for IPv6 entry output, Julius Volz [PATCHv3 19/24] IVPS: Disable sync daemon for IPv6 connections, Julius Volz [PATCHv3 02/24] IPVS: Change IPVS data structures to support IPv6 addresses, Julius Volz [PATCHv3 01/24] IPVS: Add CONFIG_IP_VS_IPV6 option for IPv6 support, Julius Volz [PATCHv3 15/24] IPVS: Extend scheduling functions for IPv6 support, Julius Volz [PATCHv3 24/24] IPVS: Allow adding IPv6 services from userspace, Julius Volz [PATCH] ipvs: Return negative error values from ip_vs_edit_service(), Sven Wegener [PATCHv3 09/24] IPVS: Add 'af' args to protocol handler functions, Julius Volz [PATCHv3 12/24] IPVS: Extend functions for getting/creating connections, Julius Volz [PATCH] ipvs: Use pointer to address from sync message, Sven Wegener

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	[PATCHv3 10/24] IPVS: Add protocol debug functions for IPv6, Julius Volz
Next by Date:	[PATCHv3 18/24] IPVS: Convert procfs files for IPv6 entry output, Julius Volz
Previous by Thread:	[PATCH] ipvs: Mark tcp/udp v4 and v6 debug functions static, Sven Wegener
Next by Thread:	[PATCHv3 18/24] IPVS: Convert procfs files for IPv6 entry output, Julius Volz
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

[PATCHv3 10/24] IPVS: Add protocol debug functions for IPv6, Julius Volz

Next by Date:

[PATCHv3 18/24] IPVS: Convert procfs files for IPv6 entry output, Julius Volz

Previous by Thread:

[PATCH] ipvs: Mark tcp/udp v4 and v6 debug functions static, Sven Wegener

Next by Thread:

[PATCHv3 18/24] IPVS: Convert procfs files for IPv6 entry output, Julius Volz

Indexes:

[Date] [Thread] [Top] [All Lists]