LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

[lvs-users] Trying to port Carlos Lozano's patch from 2.4 -> 2.6

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: [lvs-users] Trying to port Carlos Lozano's patch from 2.4 -> 2.6
From: lists <lists@xxxxxxxxxxxxxxxx>
Date: Thu, 22 May 2008 12:27:54 +0100
I'm Trying to port Carlos Lozano's patch from 2.4 -> 2.6
In order to run an SSL reverse proxy on the same node that is running LVS
i.e.

External client ---> IPVS:443 --> Local:443 ---> IPVS:80 ---> RealServer

unfortunately I'm a bit clueless.


 Carlos Lozano's ip_vs_core.c.diff

Patch was for 2.4.26 :

--Boundary_(ID_5wN8QWLw4HLwW3hHoq9h9A)
Content-type: text/plain; charset=us-ascii
Content-disposition: attachment; filename="ip_vs_core.c.diff"

--- ip_vs_core.c.orig   2003-11-28 19:26:21.000000000 +0100
+++ ip_vs_core.c.list   2004-07-02 11:13:51.000000000 +0200
@@ -1036,7 +1036,7 @@
         *      Big tappo: only PACKET_HOST (nor loopback neither mcasts)
         *      ... don't know why 1st test DOES NOT include 2nd (?)
         */
-       if (skb->pkt_type != PACKET_HOST || skb->dev == &loopback_dev) {
+       if (skb->pkt_type != PACKET_HOST) { /* || skb->dev == &loopback_dev) { 
*/
                IP_VS_DBG(12, "packet type=%d proto=%d daddr=%d.%d.%d.%d 
ignored\n",
                          skb->pkt_type,
                          iph->protocol,
Done that bit....i.e.
        if (unlikely(skb->pkt_type != PACKET_HOST)
                    { /* || skb->dev->flags & IFF_LOOPBACK || skb->sk)) { */
                IP_VS_DBG(12, "packet type=%d proto=%d daddr=%d.%d.%d.%d 
ignored\n",


But the next bit looks completely different in kernel 2.6.... the patch was as 
follows:
@@ -1059,6 +1059,13 @@
        iph = skb->nh.iph;
        h.raw = (char*) iph + ihl;
 
+        cp = ip_vs_conn_out_get(iph->protocol, iph->saddr, h.portp[0],
+                               iph->daddr, h.portp[1]);
+        if (cp) {
+           __ip_vs_conn_put(cp);
+           return (ip_vs_out(hooknum,skb_p,in,out,okfn));
+        }
+
        /*
         * Check if the packet belongs to an existing connection entry
         */

--Boundary_(ID_5wN8QWLw4HLwW3hHoq9h9A)




But the current 2.6.25 code looks like this?:

    /* Protocol supported? */
    pp = ip_vs_proto_get(iph->protocol);
    if (unlikely(!pp))
        return NF_ACCEPT;

    ihl = iph->ihl << 2;

    /*
     * Check if the packet belongs to an existing connection entry
     */
    cp = pp->conn_in_get(skb, pp, iph, ihl, 0);

    if (unlikely(!cp)) {
        int v;

        if (!pp->conn_schedule(skb, pp, &v, &cp))
            return v;
    }

    if (unlikely(!cp)) {
        /* sorry, all this trouble for a no-hit :) */
        IP_VS_DBG_PKT(12, pp, skb, 0,
                  "packet continues traversal as normal");
        return NF_ACCEPT;
    }


Any ideas what the patch should look like for 2.6 rather than 2.4?




<Prev in Thread] Current Thread [Next in Thread>
  • [lvs-users] Trying to port Carlos Lozano's patch from 2.4 -> 2.6, lists <=