|
On Tue, Jul 17, 2018 at 02:34:21PM +0200, Simon Horman wrote:
> On Fri, Jul 06, 2018 at 08:25:51AM +0300, Julian Anastasov wrote:
> > This patchset changes how templates are dropped under attack.
> >
> > Patch 1 changes ip_vs_state_name arguments, so that we can
> > print in followup patch info by using just state.
> >
> > Patch 2 implements assured flag for connection templates to
> > indicate that connection progressed after initial packet.
> >
> > Patch 3 uses the assured state to decide if to drop connection
> > templates under attack.
> >
> > The patchset is based on implementation from Michal Koutný but
> > extended to other protocols. The other difference is that we
> > use cp->state for template flags because there are no many
> > free bits in cp->flags that are sent in the sync protocol
> > messages.
> >
> > v1->v2:
> > - first patch in v1 was split to patches 1 and 2
> > - in patch 2 do not clear unknown bits in the state received by backup
> > server
>
> Sorry for the delay. This looks good to me.
>
> Reviewed-by: Simon Horman <horms+renesas@xxxxxxxxxxxx>
>
> Pablo, could you take this through nf-next?
Sure, will do asap, thanks.
--
To unsubscribe from this list: send the line "unsubscribe lvs-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
|
