LXR linux/include/net/ip

   1/*
   2 *      IP Virtual Server
   3 *      data structure and functionality definitions
   4 */
   5
   6#ifndef _NET_IP_VS_H
   7#define _NET_IP_VS_H
   8
   9#include <linux/ip_vs.h>                /* definitions shared with userland */
  10
  11/* old ipvsadm versions still include this file directly */
  12#ifdef __KERNEL__
  13
  14#include <asm/types.h>                  /* for __uXX types */
  15
  16#include <linux/sysctl.h>               /* for ctl_path */
  17#include <linux/list.h>                 /* for struct list_head */
  18#include <linux/spinlock.h>             /* for struct rwlock_t */
  19#include <asm/atomic.h>                 /* for struct atomic_t */
  20#include <linux/compiler.h>
  21#include <linux/timer.h>
  22
  23#include <net/checksum.h>
  24#include <linux/netfilter.h>            /* for union nf_inet_addr */
  25#include <linux/ip.h>
  26#include <linux/ipv6.h>                 /* for struct ipv6hdr */
  27#include <net/ipv6.h>                   /* for ipv6_addr_copy */
  28
  29struct ip_vs_iphdr {
  30        int len;
  31        __u8 protocol;
  32        union nf_inet_addr saddr;
  33        union nf_inet_addr daddr;
  34};
  35
  36static inline void
  37ip_vs_fill_iphdr(int af, const void *nh, struct ip_vs_iphdr *iphdr)
  38{
  39#ifdef CONFIG_IP_VS_IPV6
  40        if (af == AF_INET6) {
  41                const struct ipv6hdr *iph = nh;
  42                iphdr->len = sizeof(struct ipv6hdr);
  43                iphdr->protocol = iph->nexthdr;
  44                ipv6_addr_copy(&iphdr->saddr.in6, &iph->saddr);
  45                ipv6_addr_copy(&iphdr->daddr.in6, &iph->daddr);
  46        } else
  47#endif
  48        {
  49                const struct iphdr *iph = nh;
  50                iphdr->len = iph->ihl * 4;
  51                iphdr->protocol = iph->protocol;
  52                iphdr->saddr.ip = iph->saddr;
  53                iphdr->daddr.ip = iph->daddr;
  54        }
  55}
  56
  57static inline void ip_vs_addr_copy(int af, union nf_inet_addr *dst,
  58                                   const union nf_inet_addr *src)
  59{
  60#ifdef CONFIG_IP_VS_IPV6
  61        if (af == AF_INET6)
  62                ipv6_addr_copy(&dst->in6, &src->in6);
  63        else
  64#endif
  65        dst->ip = src->ip;
  66}
  67
  68static inline int ip_vs_addr_equal(int af, const union nf_inet_addr *a,
  69                                   const union nf_inet_addr *b)
  70{
  71#ifdef CONFIG_IP_VS_IPV6
  72        if (af == AF_INET6)
  73                return ipv6_addr_equal(&a->in6, &b->in6);
  74#endif
  75        return a->ip == b->ip;
  76}
  77
  78#ifdef CONFIG_IP_VS_DEBUG
  79#include <linux/net.h>
  80
  81extern int ip_vs_get_debug_level(void);
  82
  83static inline const char *ip_vs_dbg_addr(int af, char *buf, size_t buf_len,
  84                                         const union nf_inet_addr *addr,
  85                                         int *idx)
  86{
  87        int len;
  88#ifdef CONFIG_IP_VS_IPV6
  89        if (af == AF_INET6)
  90                len = snprintf(&buf[*idx], buf_len - *idx, "[%pI6]",
  91                               &addr->in6) + 1;
  92        else
  93#endif
  94                len = snprintf(&buf[*idx], buf_len - *idx, "%pI4",
  95                               &addr->ip) + 1;
  96
  97        *idx += len;
  98        BUG_ON(*idx > buf_len + 1);
  99        return &buf[*idx - len];
 100}
 101
 102#define IP_VS_DBG_BUF(level, msg, ...)                                  \
 103        do {                                                            \
 104                char ip_vs_dbg_buf[160];                                \
 105                int ip_vs_dbg_idx = 0;                                  \
 106                if (level <= ip_vs_get_debug_level())                   \
 107                        printk(KERN_DEBUG pr_fmt(msg), ##__VA_ARGS__);  \
 108        } while (0)
 109#define IP_VS_ERR_BUF(msg...)                                           \
 110        do {                                                            \
 111                char ip_vs_dbg_buf[160];                                \
 112                int ip_vs_dbg_idx = 0;                                  \
 113                pr_err(msg);                                            \
 114        } while (0)
 115
 116/* Only use from within IP_VS_DBG_BUF() or IP_VS_ERR_BUF macros */
 117#define IP_VS_DBG_ADDR(af, addr)                                        \
 118        ip_vs_dbg_addr(af, ip_vs_dbg_buf,                               \
 119                       sizeof(ip_vs_dbg_buf), addr,                     \
 120                       &ip_vs_dbg_idx)
 121
 122#define IP_VS_DBG(level, msg, ...)                                      \
 123        do {                                                            \
 124                if (level <= ip_vs_get_debug_level())                   \
 125                        printk(KERN_DEBUG pr_fmt(msg), ##__VA_ARGS__);  \
 126        } while (0)
 127#define IP_VS_DBG_RL(msg, ...)                                          \
 128        do {                                                            \
 129                if (net_ratelimit())                                    \
 130                        printk(KERN_DEBUG pr_fmt(msg), ##__VA_ARGS__);  \
 131        } while (0)
 132#define IP_VS_DBG_PKT(level, pp, skb, ofs, msg)                         \
 133        do {                                                            \
 134                if (level <= ip_vs_get_debug_level())                   \
 135                        pp->debug_packet(pp, skb, ofs, msg);            \
 136        } while (0)
 137#define IP_VS_DBG_RL_PKT(level, pp, skb, ofs, msg)                      \
 138        do {                                                            \
 139                if (level <= ip_vs_get_debug_level() &&                 \
 140                    net_ratelimit())                                    \
 141                        pp->debug_packet(pp, skb, ofs, msg);            \
 142        } while (0)
 143#else   /* NO DEBUGGING at ALL */
 144#define IP_VS_DBG_BUF(level, msg...)  do {} while (0)
 145#define IP_VS_ERR_BUF(msg...)  do {} while (0)
 146#define IP_VS_DBG(level, msg...)  do {} while (0)
 147#define IP_VS_DBG_RL(msg...)  do {} while (0)
 148#define IP_VS_DBG_PKT(level, pp, skb, ofs, msg)         do {} while (0)
 149#define IP_VS_DBG_RL_PKT(level, pp, skb, ofs, msg)      do {} while (0)
 150#endif
 151
 152#define IP_VS_BUG() BUG()
 153#define IP_VS_ERR_RL(msg, ...)                                          \
 154        do {                                                            \
 155                if (net_ratelimit())                                    \
 156                        pr_err(msg, ##__VA_ARGS__);                     \
 157        } while (0)
 158
 159#ifdef CONFIG_IP_VS_DEBUG
 160#define EnterFunction(level)                                            \
 161        do {                                                            \
 162                if (level <= ip_vs_get_debug_level())                   \
 163                        printk(KERN_DEBUG                               \
 164                               pr_fmt("Enter: %s, %s line %i\n"),       \
 165                               __func__, __FILE__, __LINE__);           \
 166        } while (0)
 167#define LeaveFunction(level)                                            \
 168        do {                                                            \
 169                if (level <= ip_vs_get_debug_level())                   \
 170                        printk(KERN_DEBUG                               \
 171                               pr_fmt("Leave: %s, %s line %i\n"),       \
 172                               __func__, __FILE__, __LINE__);           \
 173        } while (0)
 174#else
 175#define EnterFunction(level)   do {} while (0)
 176#define LeaveFunction(level)   do {} while (0)
 177#endif
 178
 179#define IP_VS_WAIT_WHILE(expr)  while (expr) { cpu_relax(); }
 180
 181
 182/*
 183 *      The port number of FTP service (in network order).
 184 */
 185#define FTPPORT  cpu_to_be16(21)
 186#define FTPDATA  cpu_to_be16(20)
 187
 188/*
 189 *      TCP State Values
 190 */
 191enum {
 192        IP_VS_TCP_S_NONE = 0,
 193        IP_VS_TCP_S_ESTABLISHED,
 194        IP_VS_TCP_S_SYN_SENT,
 195        IP_VS_TCP_S_SYN_RECV,
 196        IP_VS_TCP_S_FIN_WAIT,
 197        IP_VS_TCP_S_TIME_WAIT,
 198        IP_VS_TCP_S_CLOSE,
 199        IP_VS_TCP_S_CLOSE_WAIT,
 200        IP_VS_TCP_S_LAST_ACK,
 201        IP_VS_TCP_S_LISTEN,
 202        IP_VS_TCP_S_SYNACK,
 203        IP_VS_TCP_S_LAST
 204};
 205
 206/*
 207 *      UDP State Values
 208 */
 209enum {
 210        IP_VS_UDP_S_NORMAL,
 211        IP_VS_UDP_S_LAST,
 212};
 213
 214/*
 215 *      ICMP State Values
 216 */
 217enum {
 218        IP_VS_ICMP_S_NORMAL,
 219        IP_VS_ICMP_S_LAST,
 220};
 221
 222/*
 223 *      Delta sequence info structure
 224 *      Each ip_vs_conn has 2 (output AND input seq. changes).
 225 *      Only used in the VS/NAT.
 226 */
 227struct ip_vs_seq {
 228        __u32                   init_seq;       /* Add delta from this seq */
 229        __u32                   delta;          /* Delta in sequence numbers */
 230        __u32                   previous_delta; /* Delta in sequence numbers
 231                                                   before last resized pkt */
 232};
 233
 234
 235/*
 236 *      IPVS statistics objects
 237 */
 238struct ip_vs_estimator {
 239        struct list_head        list;
 240
 241        u64                     last_inbytes;
 242        u64                     last_outbytes;
 243        u32                     last_conns;
 244        u32                     last_inpkts;
 245        u32                     last_outpkts;
 246
 247        u32                     cps;
 248        u32                     inpps;
 249        u32                     outpps;
 250        u32                     inbps;
 251        u32                     outbps;
 252};
 253
 254struct ip_vs_stats
 255{
 256        struct ip_vs_stats_user ustats;         /* statistics */
 257        struct ip_vs_estimator  est;            /* estimator */
 258
 259        spinlock_t              lock;           /* spin lock */
 260};
 261
 262struct dst_entry;
 263struct iphdr;
 264struct ip_vs_conn;
 265struct ip_vs_app;
 266struct sk_buff;
 267
 268struct ip_vs_protocol {
 269        struct ip_vs_protocol   *next;
 270        char                    *name;
 271        u16                     protocol;
 272        u16                     num_states;
 273        int                     dont_defrag;
 274        atomic_t                appcnt;         /* counter of proto app incs */
 275        int                     *timeout_table; /* protocol timeout table */
 276
 277        void (*init)(struct ip_vs_protocol *pp);
 278
 279        void (*exit)(struct ip_vs_protocol *pp);
 280
 281        int (*conn_schedule)(int af, struct sk_buff *skb,
 282                             struct ip_vs_protocol *pp,
 283                             int *verdict, struct ip_vs_conn **cpp);
 284
 285        struct ip_vs_conn *
 286        (*conn_in_get)(int af,
 287                       const struct sk_buff *skb,
 288                       struct ip_vs_protocol *pp,
 289                       const struct ip_vs_iphdr *iph,
 290                       unsigned int proto_off,
 291                       int inverse);
 292
 293        struct ip_vs_conn *
 294        (*conn_out_get)(int af,
 295                        const struct sk_buff *skb,
 296                        struct ip_vs_protocol *pp,
 297                        const struct ip_vs_iphdr *iph,
 298                        unsigned int proto_off,
 299                        int inverse);
 300
 301        int (*snat_handler)(struct sk_buff *skb,
 302                            struct ip_vs_protocol *pp, struct ip_vs_conn *cp);
 303
 304        int (*dnat_handler)(struct sk_buff *skb,
 305                            struct ip_vs_protocol *pp, struct ip_vs_conn *cp);
 306
 307        int (*csum_check)(int af, struct sk_buff *skb,
 308                          struct ip_vs_protocol *pp);
 309
 310        const char *(*state_name)(int state);
 311
 312        int (*state_transition)(struct ip_vs_conn *cp, int direction,
 313                                const struct sk_buff *skb,
 314                                struct ip_vs_protocol *pp);
 315
 316        int (*register_app)(struct ip_vs_app *inc);
 317
 318        void (*unregister_app)(struct ip_vs_app *inc);
 319
 320        int (*app_conn_bind)(struct ip_vs_conn *cp);
 321
 322        void (*debug_packet)(struct ip_vs_protocol *pp,
 323                             const struct sk_buff *skb,
 324                             int offset,
 325                             const char *msg);
 326
 327        void (*timeout_change)(struct ip_vs_protocol *pp, int flags);
 328
 329        int (*set_state_timeout)(struct ip_vs_protocol *pp, char *sname, int to);
 330};
 331
 332extern struct ip_vs_protocol * ip_vs_proto_get(unsigned short proto);
 333
 334/*
 335 *      IP_VS structure allocated for each dynamically scheduled connection
 336 */
 337struct ip_vs_conn {
 338        struct list_head        c_list;         /* hashed list heads */
 339
 340        /* Protocol, addresses and port numbers */
 341        u16                      af;            /* address family */
 342        union nf_inet_addr       caddr;          /* client address */
 343        union nf_inet_addr       vaddr;          /* virtual address */
 344        union nf_inet_addr       daddr;          /* destination address */
 345        __be16                   cport;
 346        __be16                   vport;
 347        __be16                   dport;
 348        __u16                   protocol;       /* Which protocol (TCP/UDP) */
 349
 350        /* counter and timer */
 351        atomic_t                refcnt;         /* reference count */
 352        struct timer_list       timer;          /* Expiration timer */
 353        volatile unsigned long  timeout;        /* timeout */
 354
 355        /* Flags and state transition */
 356        spinlock_t              lock;           /* lock for state transition */
 357        volatile __u16          flags;          /* status flags */
 358        volatile __u16          state;          /* state info */
 359        volatile __u16          old_state;      /* old state, to be used for
 360                                                 * state transition triggerd
 361                                                 * synchronization
 362                                                 */
 363
 364        /* Control members */
 365        struct ip_vs_conn       *control;       /* Master control connection */
 366        atomic_t                n_control;      /* Number of controlled ones */
 367        struct ip_vs_dest       *dest;          /* real server */
 368        atomic_t                in_pkts;        /* incoming packet counter */
 369
 370        /* packet transmitter for different forwarding methods.  If it
 371           mangles the packet, it must return NF_DROP or better NF_STOLEN,
 372           otherwise this must be changed to a sk_buff **.
 373         */
 374        int (*packet_xmit)(struct sk_buff *skb, struct ip_vs_conn *cp,
 375                           struct ip_vs_protocol *pp);
 376
 377        /* Note: we can group the following members into a structure,
 378           in order to save more space, and the following members are
 379           only used in VS/NAT anyway */
 380        struct ip_vs_app        *app;           /* bound ip_vs_app object */
 381        void                    *app_data;      /* Application private data */
 382        struct ip_vs_seq        in_seq;         /* incoming seq. struct */
 383        struct ip_vs_seq        out_seq;        /* outgoing seq. struct */
 384};
 385
 386
 387/*
 388 *      Extended internal versions of struct ip_vs_service_user and
 389 *      ip_vs_dest_user for IPv6 support.
 390 *
 391 *      We need these to conveniently pass around service and destination
 392 *      options, but unfortunately, we also need to keep the old definitions to
 393 *      maintain userspace backwards compatibility for the setsockopt interface.
 394 */
 395struct ip_vs_service_user_kern {
 396        /* virtual service addresses */
 397        u16                     af;
 398        u16                     protocol;
 399        union nf_inet_addr      addr;           /* virtual ip address */
 400        u16                     port;
 401        u32                     fwmark;         /* firwall mark of service */
 402
 403        /* virtual service options */
 404        char                    *sched_name;
 405        unsigned                flags;          /* virtual service flags */
 406        unsigned                timeout;        /* persistent timeout in sec */
 407        u32                     netmask;        /* persistent netmask */
 408};
 409
 410
 411struct ip_vs_dest_user_kern {
 412        /* destination server address */
 413        union nf_inet_addr      addr;
 414        u16                     port;
 415
 416        /* real server options */
 417        unsigned                conn_flags;     /* connection flags */
 418        int                     weight;         /* destination weight */
 419
 420        /* thresholds for active connections */
 421        u32                     u_threshold;    /* upper threshold */
 422        u32                     l_threshold;    /* lower threshold */
 423};
 424
 425
 426/*
 427 *      The information about the virtual service offered to the net
 428 *      and the forwarding entries
 429 */
 430struct ip_vs_service {
 431        struct list_head        s_list;   /* for normal service table */
 432        struct list_head        f_list;   /* for fwmark-based service table */
 433        atomic_t                refcnt;   /* reference counter */
 434        atomic_t                usecnt;   /* use counter */
 435
 436        u16                     af;       /* address family */
 437        __u16                   protocol; /* which protocol (TCP/UDP) */
 438        union nf_inet_addr      addr;     /* IP address for virtual service */
 439        __be16                  port;     /* port number for the service */
 440        __u32                   fwmark;   /* firewall mark of the service */
 441        unsigned                flags;    /* service status flags */
 442        unsigned                timeout;  /* persistent timeout in ticks */
 443        __be32                  netmask;  /* grouping granularity */
 444
 445        struct list_head        destinations;  /* real server d-linked list */
 446        __u32                   num_dests;     /* number of servers */
 447        struct ip_vs_stats      stats;         /* statistics for the service */
 448        struct ip_vs_app        *inc;     /* bind conns to this app inc */
 449
 450        /* for scheduling */
 451        struct ip_vs_scheduler  *scheduler;    /* bound scheduler object */
 452        rwlock_t                sched_lock;    /* lock sched_data */
 453        void                    *sched_data;   /* scheduler application data */
 454};
 455
 456
 457/*
 458 *      The real server destination forwarding entry
 459 *      with ip address, port number, and so on.
 460 */
 461struct ip_vs_dest {
 462        struct list_head        n_list;   /* for the dests in the service */
 463        struct list_head        d_list;   /* for table with all the dests */
 464
 465        u16                     af;             /* address family */
 466        union nf_inet_addr      addr;           /* IP address of the server */
 467        __be16                  port;           /* port number of the server */
 468        volatile unsigned       flags;          /* dest status flags */
 469        atomic_t                conn_flags;     /* flags to copy to conn */
 470        atomic_t                weight;         /* server weight */
 471
 472        atomic_t                refcnt;         /* reference counter */
 473        struct ip_vs_stats      stats;          /* statistics */
 474
 475        /* connection counters and thresholds */
 476        atomic_t                activeconns;    /* active connections */
 477        atomic_t                inactconns;     /* inactive connections */
 478        atomic_t                persistconns;   /* persistent connections */
 479        __u32                   u_threshold;    /* upper threshold */
 480        __u32                   l_threshold;    /* lower threshold */
 481
 482        /* for destination cache */
 483        spinlock_t              dst_lock;       /* lock of dst_cache */
 484        struct dst_entry        *dst_cache;     /* destination cache entry */
 485        u32                     dst_rtos;       /* RT_TOS(tos) for dst */
 486
 487        /* for virtual service */
 488        struct ip_vs_service    *svc;           /* service it belongs to */
 489        __u16                   protocol;       /* which protocol (TCP/UDP) */
 490        union nf_inet_addr      vaddr;          /* virtual IP address */
 491        __be16                  vport;          /* virtual port number */
 492        __u32                   vfwmark;        /* firewall mark of service */
 493};
 494
 495
 496/*
 497 *      The scheduler object
 498 */
 499struct ip_vs_scheduler {
 500        struct list_head        n_list;         /* d-linked list head */
 501        char                    *name;          /* scheduler name */
 502        atomic_t                refcnt;         /* reference counter */
 503        struct module           *module;        /* THIS_MODULE/NULL */
 504
 505        /* scheduler initializing service */
 506        int (*init_service)(struct ip_vs_service *svc);
 507        /* scheduling service finish */
 508        int (*done_service)(struct ip_vs_service *svc);
 509        /* scheduler updating service */
 510        int (*update_service)(struct ip_vs_service *svc);
 511
 512        /* selecting a server from the given service */
 513        struct ip_vs_dest* (*schedule)(struct ip_vs_service *svc,
 514                                       const struct sk_buff *skb);
 515};
 516
 517
 518/*
 519 *      The application module object (a.k.a. app incarnation)
 520 */
 521struct ip_vs_app
 522{
 523        struct list_head        a_list;         /* member in app list */
 524        int                     type;           /* IP_VS_APP_TYPE_xxx */
 525        char                    *name;          /* application module name */
 526        __u16                   protocol;
 527        struct module           *module;        /* THIS_MODULE/NULL */
 528        struct list_head        incs_list;      /* list of incarnations */
 529
 530        /* members for application incarnations */
 531        struct list_head        p_list;         /* member in proto app list */
 532        struct ip_vs_app        *app;           /* its real application */
 533        __be16                  port;           /* port number in net order */
 534        atomic_t                usecnt;         /* usage counter */
 535
 536        /* output hook: return false if can't linearize. diff set for TCP.  */
 537        int (*pkt_out)(struct ip_vs_app *, struct ip_vs_conn *,
 538                       struct sk_buff *, int *diff);
 539
 540        /* input hook: return false if can't linearize. diff set for TCP. */
 541        int (*pkt_in)(struct ip_vs_app *, struct ip_vs_conn *,
 542                      struct sk_buff *, int *diff);
 543
 544        /* ip_vs_app initializer */
 545        int (*init_conn)(struct ip_vs_app *, struct ip_vs_conn *);
 546
 547        /* ip_vs_app finish */
 548        int (*done_conn)(struct ip_vs_app *, struct ip_vs_conn *);
 549
 550
 551        /* not used now */
 552        int (*bind_conn)(struct ip_vs_app *, struct ip_vs_conn *,
 553                         struct ip_vs_protocol *);
 554
 555        void (*unbind_conn)(struct ip_vs_app *, struct ip_vs_conn *);
 556
 557        int *                   timeout_table;
 558        int *                   timeouts;
 559        int                     timeouts_size;
 560
 561        int (*conn_schedule)(struct sk_buff *skb, struct ip_vs_app *app,
 562                             int *verdict, struct ip_vs_conn **cpp);
 563
 564        struct ip_vs_conn *
 565        (*conn_in_get)(const struct sk_buff *skb, struct ip_vs_app *app,
 566                       const struct iphdr *iph, unsigned int proto_off,
 567                       int inverse);
 568
 569        struct ip_vs_conn *
 570        (*conn_out_get)(const struct sk_buff *skb, struct ip_vs_app *app,
 571                        const struct iphdr *iph, unsigned int proto_off,
 572                        int inverse);
 573
 574        int (*state_transition)(struct ip_vs_conn *cp, int direction,
 575                                const struct sk_buff *skb,
 576                                struct ip_vs_app *app);
 577
 578        void (*timeout_change)(struct ip_vs_app *app, int flags);
 579};
 580
 581
 582/*
 583 *      IPVS core functions
 584 *      (from ip_vs_core.c)
 585 */
 586extern const char *ip_vs_proto_name(unsigned proto);
 587extern void ip_vs_init_hash_table(struct list_head *table, int rows);
 588#define IP_VS_INIT_HASH_TABLE(t) ip_vs_init_hash_table((t), ARRAY_SIZE((t)))
 589
 590#define IP_VS_APP_TYPE_FTP      1
 591
 592/*
 593 *     ip_vs_conn handling functions
 594 *     (from ip_vs_conn.c)
 595 */
 596
 597/*
 598 *     IPVS connection entry hash table
 599 */
 600#ifndef CONFIG_IP_VS_TAB_BITS
 601#define CONFIG_IP_VS_TAB_BITS   12
 602#endif
 603
 604#define IP_VS_CONN_TAB_BITS     CONFIG_IP_VS_TAB_BITS
 605#define IP_VS_CONN_TAB_SIZE     (1 << IP_VS_CONN_TAB_BITS)
 606#define IP_VS_CONN_TAB_MASK     (IP_VS_CONN_TAB_SIZE - 1)
 607
 608enum {
 609        IP_VS_DIR_INPUT = 0,
 610        IP_VS_DIR_OUTPUT,
 611        IP_VS_DIR_INPUT_ONLY,
 612        IP_VS_DIR_LAST,
 613};
 614
 615extern struct ip_vs_conn *ip_vs_conn_in_get
 616(int af, int protocol, const union nf_inet_addr *s_addr, __be16 s_port,
 617 const union nf_inet_addr *d_addr, __be16 d_port);
 618
 619extern struct ip_vs_conn *ip_vs_ct_in_get
 620(int af, int protocol, const union nf_inet_addr *s_addr, __be16 s_port,
 621 const union nf_inet_addr *d_addr, __be16 d_port);
 622
 623extern struct ip_vs_conn *ip_vs_conn_out_get
 624(int af, int protocol, const union nf_inet_addr *s_addr, __be16 s_port,
 625 const union nf_inet_addr *d_addr, __be16 d_port);
 626
 627/* put back the conn without restarting its timer */
 628static inline void __ip_vs_conn_put(struct ip_vs_conn *cp)
 629{
 630        atomic_dec(&cp->refcnt);
 631}
 632extern void ip_vs_conn_put(struct ip_vs_conn *cp);
 633extern void ip_vs_conn_fill_cport(struct ip_vs_conn *cp, __be16 cport);
 634
 635extern struct ip_vs_conn *
 636ip_vs_conn_new(int af, int proto, const union nf_inet_addr *caddr, __be16 cport,
 637               const union nf_inet_addr *vaddr, __be16 vport,
 638               const union nf_inet_addr *daddr, __be16 dport, unsigned flags,
 639               struct ip_vs_dest *dest);
 640extern void ip_vs_conn_expire_now(struct ip_vs_conn *cp);
 641
 642extern const char * ip_vs_state_name(__u16 proto, int state);
 643
 644extern void ip_vs_tcp_conn_listen(struct ip_vs_conn *cp);
 645extern int ip_vs_check_template(struct ip_vs_conn *ct);
 646extern void ip_vs_random_dropentry(void);
 647extern int ip_vs_conn_init(void);
 648extern void ip_vs_conn_cleanup(void);
 649
 650static inline void ip_vs_control_del(struct ip_vs_conn *cp)
 651{
 652        struct ip_vs_conn *ctl_cp = cp->control;
 653        if (!ctl_cp) {
 654                IP_VS_ERR_BUF("request control DEL for uncontrolled: "
 655                              "%s:%d to %s:%d\n",
 656                              IP_VS_DBG_ADDR(cp->af, &cp->caddr),
 657                              ntohs(cp->cport),
 658                              IP_VS_DBG_ADDR(cp->af, &cp->vaddr),
 659                              ntohs(cp->vport));
 660
 661                return;
 662        }
 663
 664        IP_VS_DBG_BUF(7, "DELeting control for: "
 665                      "cp.dst=%s:%d ctl_cp.dst=%s:%d\n",
 666                      IP_VS_DBG_ADDR(cp->af, &cp->caddr),
 667                      ntohs(cp->cport),
 668                      IP_VS_DBG_ADDR(cp->af, &ctl_cp->caddr),
 669                      ntohs(ctl_cp->cport));
 670
 671        cp->control = NULL;
 672        if (atomic_read(&ctl_cp->n_control) == 0) {
 673                IP_VS_ERR_BUF("BUG control DEL with n=0 : "
 674                              "%s:%d to %s:%d\n",
 675                              IP_VS_DBG_ADDR(cp->af, &cp->caddr),
 676                              ntohs(cp->cport),
 677                              IP_VS_DBG_ADDR(cp->af, &cp->vaddr),
 678                              ntohs(cp->vport));
 679
 680                return;
 681        }
 682        atomic_dec(&ctl_cp->n_control);
 683}
 684
 685static inline void
 686ip_vs_control_add(struct ip_vs_conn *cp, struct ip_vs_conn *ctl_cp)
 687{
 688        if (cp->control) {
 689                IP_VS_ERR_BUF("request control ADD for already controlled: "
 690                              "%s:%d to %s:%d\n",
 691                              IP_VS_DBG_ADDR(cp->af, &cp->caddr),
 692                              ntohs(cp->cport),
 693                              IP_VS_DBG_ADDR(cp->af, &cp->vaddr),
 694                              ntohs(cp->vport));
 695
 696                ip_vs_control_del(cp);
 697        }
 698
 699        IP_VS_DBG_BUF(7, "ADDing control for: "
 700                      "cp.dst=%s:%d ctl_cp.dst=%s:%d\n",
 701                      IP_VS_DBG_ADDR(cp->af, &cp->caddr),
 702                      ntohs(cp->cport),
 703                      IP_VS_DBG_ADDR(cp->af, &ctl_cp->caddr),
 704                      ntohs(ctl_cp->cport));
 705
 706        cp->control = ctl_cp;
 707        atomic_inc(&ctl_cp->n_control);
 708}
 709
 710
 711/*
 712 *      IPVS application functions
 713 *      (from ip_vs_app.c)
 714 */
 715#define IP_VS_APP_MAX_PORTS  8
 716extern int register_ip_vs_app(struct ip_vs_app *app);
 717extern void unregister_ip_vs_app(struct ip_vs_app *app);
 718extern int ip_vs_bind_app(struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 719extern void ip_vs_unbind_app(struct ip_vs_conn *cp);
 720extern int
 721register_ip_vs_app_inc(struct ip_vs_app *app, __u16 proto, __u16 port);
 722extern int ip_vs_app_inc_get(struct ip_vs_app *inc);
 723extern void ip_vs_app_inc_put(struct ip_vs_app *inc);
 724
 725extern int ip_vs_app_pkt_out(struct ip_vs_conn *, struct sk_buff *skb);
 726extern int ip_vs_app_pkt_in(struct ip_vs_conn *, struct sk_buff *skb);
 727extern int ip_vs_skb_replace(struct sk_buff *skb, gfp_t pri,
 728                             char *o_buf, int o_len, char *n_buf, int n_len);
 729extern int ip_vs_app_init(void);
 730extern void ip_vs_app_cleanup(void);
 731
 732
 733/*
 734 *      IPVS protocol functions (from ip_vs_proto.c)
 735 */
 736extern int ip_vs_protocol_init(void);
 737extern void ip_vs_protocol_cleanup(void);
 738extern void ip_vs_protocol_timeout_change(int flags);
 739extern int *ip_vs_create_timeout_table(int *table, int size);
 740extern int
 741ip_vs_set_state_timeout(int *table, int num, const char *const *names,
 742                        const char *name, int to);
 743extern void
 744ip_vs_tcpudp_debug_packet(struct ip_vs_protocol *pp, const struct sk_buff *skb,
 745                          int offset, const char *msg);
 746
 747extern struct ip_vs_protocol ip_vs_protocol_tcp;
 748extern struct ip_vs_protocol ip_vs_protocol_udp;
 749extern struct ip_vs_protocol ip_vs_protocol_icmp;
 750extern struct ip_vs_protocol ip_vs_protocol_esp;
 751extern struct ip_vs_protocol ip_vs_protocol_ah;
 752
 753
 754/*
 755 *      Registering/unregistering scheduler functions
 756 *      (from ip_vs_sched.c)
 757 */
 758extern int register_ip_vs_scheduler(struct ip_vs_scheduler *scheduler);
 759extern int unregister_ip_vs_scheduler(struct ip_vs_scheduler *scheduler);
 760extern int ip_vs_bind_scheduler(struct ip_vs_service *svc,
 761                                struct ip_vs_scheduler *scheduler);
 762extern int ip_vs_unbind_scheduler(struct ip_vs_service *svc);
 763extern struct ip_vs_scheduler *ip_vs_scheduler_get(const char *sched_name);
 764extern void ip_vs_scheduler_put(struct ip_vs_scheduler *scheduler);
 765extern struct ip_vs_conn *
 766ip_vs_schedule(struct ip_vs_service *svc, const struct sk_buff *skb);
 767extern int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb,
 768                        struct ip_vs_protocol *pp);
 769
 770
 771/*
 772 *      IPVS control data and functions (from ip_vs_ctl.c)
 773 */
 774extern int sysctl_ip_vs_cache_bypass;
 775extern int sysctl_ip_vs_expire_nodest_conn;
 776extern int sysctl_ip_vs_expire_quiescent_template;
 777extern int sysctl_ip_vs_sync_threshold[2];
 778extern int sysctl_ip_vs_nat_icmp_send;
 779extern struct ip_vs_stats ip_vs_stats;
 780extern const struct ctl_path net_vs_ctl_path[];
 781
 782extern struct ip_vs_service *
 783ip_vs_service_get(int af, __u32 fwmark, __u16 protocol,
 784                  const union nf_inet_addr *vaddr, __be16 vport);
 785
 786static inline void ip_vs_service_put(struct ip_vs_service *svc)
 787{
 788        atomic_dec(&svc->usecnt);
 789}
 790
 791extern struct ip_vs_dest *
 792ip_vs_lookup_real_service(int af, __u16 protocol,
 793                          const union nf_inet_addr *daddr, __be16 dport);
 794
 795extern int ip_vs_use_count_inc(void);
 796extern void ip_vs_use_count_dec(void);
 797extern int ip_vs_control_init(void);
 798extern void ip_vs_control_cleanup(void);
 799extern struct ip_vs_dest *
 800ip_vs_find_dest(int af, const union nf_inet_addr *daddr, __be16 dport,
 801                const union nf_inet_addr *vaddr, __be16 vport, __u16 protocol);
 802extern struct ip_vs_dest *ip_vs_try_bind_dest(struct ip_vs_conn *cp);
 803
 804
 805/*
 806 *      IPVS sync daemon data and function prototypes
 807 *      (from ip_vs_sync.c)
 808 */
 809extern volatile int ip_vs_sync_state;
 810extern volatile int ip_vs_master_syncid;
 811extern volatile int ip_vs_backup_syncid;
 812extern char ip_vs_master_mcast_ifn[IP_VS_IFNAME_MAXLEN];
 813extern char ip_vs_backup_mcast_ifn[IP_VS_IFNAME_MAXLEN];
 814extern int start_sync_thread(int state, char *mcast_ifn, __u8 syncid);
 815extern int stop_sync_thread(int state);
 816extern void ip_vs_sync_conn(struct ip_vs_conn *cp);
 817
 818
 819/*
 820 *      IPVS rate estimator prototypes (from ip_vs_est.c)
 821 */
 822extern int ip_vs_estimator_init(void);
 823extern void ip_vs_estimator_cleanup(void);
 824extern void ip_vs_new_estimator(struct ip_vs_stats *stats);
 825extern void ip_vs_kill_estimator(struct ip_vs_stats *stats);
 826extern void ip_vs_zero_estimator(struct ip_vs_stats *stats);
 827
 828/*
 829 *      Various IPVS packet transmitters (from ip_vs_xmit.c)
 830 */
 831extern int ip_vs_null_xmit
 832(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 833extern int ip_vs_bypass_xmit
 834(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 835extern int ip_vs_nat_xmit
 836(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 837extern int ip_vs_tunnel_xmit
 838(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 839extern int ip_vs_dr_xmit
 840(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 841extern int ip_vs_icmp_xmit
 842(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp, int offset);
 843extern void ip_vs_dst_reset(struct ip_vs_dest *dest);
 844
 845#ifdef CONFIG_IP_VS_IPV6
 846extern int ip_vs_bypass_xmit_v6
 847(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 848extern int ip_vs_nat_xmit_v6
 849(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 850extern int ip_vs_tunnel_xmit_v6
 851(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 852extern int ip_vs_dr_xmit_v6
 853(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp);
 854extern int ip_vs_icmp_xmit_v6
 855(struct sk_buff *skb, struct ip_vs_conn *cp, struct ip_vs_protocol *pp,
 856 int offset);
 857#endif
 858
 859/*
 860 *      This is a simple mechanism to ignore packets when
 861 *      we are loaded. Just set ip_vs_drop_rate to 'n' and
 862 *      we start to drop 1/rate of the packets
 863 */
 864extern int ip_vs_drop_rate;
 865extern int ip_vs_drop_counter;
 866
 867static __inline__ int ip_vs_todrop(void)
 868{
 869        if (!ip_vs_drop_rate) return 0;
 870        if (--ip_vs_drop_counter > 0) return 0;
 871        ip_vs_drop_counter = ip_vs_drop_rate;
 872        return 1;
 873}
 874
 875/*
 876 *      ip_vs_fwd_tag returns the forwarding tag of the connection
 877 */
 878#define IP_VS_FWD_METHOD(cp)  (cp->flags & IP_VS_CONN_F_FWD_MASK)
 879
 880static inline char ip_vs_fwd_tag(struct ip_vs_conn *cp)
 881{
 882        char fwd;
 883
 884        switch (IP_VS_FWD_METHOD(cp)) {
 885        case IP_VS_CONN_F_MASQ:
 886                fwd = 'M'; break;
 887        case IP_VS_CONN_F_LOCALNODE:
 888                fwd = 'L'; break;
 889        case IP_VS_CONN_F_TUNNEL:
 890                fwd = 'T'; break;
 891        case IP_VS_CONN_F_DROUTE:
 892                fwd = 'R'; break;
 893        case IP_VS_CONN_F_BYPASS:
 894                fwd = 'B'; break;
 895        default:
 896                fwd = '?'; break;
 897        }
 898        return fwd;
 899}
 900
 901extern void ip_vs_nat_icmp(struct sk_buff *skb, struct ip_vs_protocol *pp,
 902                           struct ip_vs_conn *cp, int dir);
 903
 904#ifdef CONFIG_IP_VS_IPV6
 905extern void ip_vs_nat_icmp_v6(struct sk_buff *skb, struct ip_vs_protocol *pp,
 906                              struct ip_vs_conn *cp, int dir);
 907#endif
 908
 909extern __sum16 ip_vs_checksum_complete(struct sk_buff *skb, int offset);
 910
 911static inline __wsum ip_vs_check_diff4(__be32 old, __be32 new, __wsum oldsum)
 912{
 913        __be32 diff[2] = { ~old, new };
 914
 915        return csum_partial(diff, sizeof(diff), oldsum);
 916}
 917
 918#ifdef CONFIG_IP_VS_IPV6
 919static inline __wsum ip_vs_check_diff16(const __be32 *old, const __be32 *new,
 920                                        __wsum oldsum)
 921{
 922        __be32 diff[8] = { ~old[3], ~old[2], ~old[1], ~old[0],
 923                            new[3],  new[2],  new[1],  new[0] };
 924
 925        return csum_partial(diff, sizeof(diff), oldsum);
 926}
 927#endif
 928
 929static inline __wsum ip_vs_check_diff2(__be16 old, __be16 new, __wsum oldsum)
 930{
 931        __be16 diff[2] = { ~old, new };
 932
 933        return csum_partial(diff, sizeof(diff), oldsum);
 934}
 935
 936#endif /* __KERNEL__ */
 937
 938#endif  /* _NET_IP_VS_H */
 939