Release 4.8 net/netfilter/ipvs/ip_vs_proto_ah_esp.c
/*
* ip_vs_proto_ah_esp.c: AH/ESP IPSec load balancing support for IPVS
*
* Authors: Julian Anastasov <ja@ssi.bg>, February 2002
* Wensong Zhang <wensong@linuxvirtualserver.org>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* version 2 as published by the Free Software Foundation;
*
*/
#define KMSG_COMPONENT "IPVS"
#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
#include <linux/in.h>
#include <linux/ip.h>
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <net/ip_vs.h>
/* TODO:
struct isakmp_hdr {
__u8 icookie[8];
__u8 rcookie[8];
__u8 np;
__u8 version;
__u8 xchgtype;
__u8 flags;
__u32 msgid;
__u32 length;
};
*/
#define PORT_ISAKMP 500
static void
ah_esp_conn_fill_param_proto(struct netns_ipvs *ipvs, int af,
const struct ip_vs_iphdr *iph,
struct ip_vs_conn_param *p)
{
if (likely(!ip_vs_iph_inverse(iph)))
ip_vs_conn_fill_param(ipvs, af, IPPROTO_UDP,
&iph->saddr, htons(PORT_ISAKMP),
&iph->daddr, htons(PORT_ISAKMP), p);
else
ip_vs_conn_fill_param(ipvs, af, IPPROTO_UDP,
&iph->daddr, htons(PORT_ISAKMP),
&iph->saddr, htons(PORT_ISAKMP), p);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| wensong zhang | wensong zhang | 57 | 57.58% | 1 | 11.11% |
| julius volz | julius volz | 12 | 12.12% | 2 | 22.22% |
| simon horman | simon horman | 12 | 12.12% | 1 | 11.11% |
| hans schillstrom | hans schillstrom | 5 | 5.05% | 1 | 11.11% |
| eric w. biederman | eric w. biederman | 4 | 4.04% | 1 | 11.11% |
| alex gartrell | alex gartrell | 4 | 4.04% | 1 | 11.11% |
| hideaki yoshifuji | hideaki yoshifuji | 4 | 4.04% | 1 | 11.11% |
| julian anastasov | julian anastasov | 1 | 1.01% | 1 | 11.11% |
| Total | 99 | 100.00% | 9 | 100.00% |
static struct ip_vs_conn *
ah_esp_conn_in_get(struct netns_ipvs *ipvs, int af, const struct sk_buff *skb,
const struct ip_vs_iphdr *iph)
{
struct ip_vs_conn *cp;
struct ip_vs_conn_param p;
ah_esp_conn_fill_param_proto(ipvs, af, iph, &p);
cp = ip_vs_conn_in_get(&p);
if (!cp) {
/*
* We are not sure if the packet is from our
* service, so our conn_schedule hook should return NF_ACCEPT
*/
IP_VS_DBG_BUF(12, "Unknown ISAKMP entry for outin packet "
"%s%s %s->%s\n",
ip_vs_iph_icmp(iph) ? "ICMP+" : "",
ip_vs_proto_get(iph->protocol)->name,
IP_VS_DBG_ADDR(af, &iph->saddr),
IP_VS_DBG_ADDR(af, &iph->daddr));
}
return cp;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| simon horman | simon horman | 49 | 42.98% | 1 | 11.11% |
| wensong zhang | wensong zhang | 37 | 32.46% | 1 | 11.11% |
| julius volz | julius volz | 10 | 8.77% | 1 | 11.11% |
| hans schillstrom | hans schillstrom | 7 | 6.14% | 2 | 22.22% |
| eric w. biederman | eric w. biederman | 6 | 5.26% | 2 | 22.22% |
| alex gartrell | alex gartrell | 4 | 3.51% | 1 | 11.11% |
| julian anastasov | julian anastasov | 1 | 0.88% | 1 | 11.11% |
| Total | 114 | 100.00% | 9 | 100.00% |
static struct ip_vs_conn *
ah_esp_conn_out_get(struct netns_ipvs *ipvs, int af, const struct sk_buff *skb,
const struct ip_vs_iphdr *iph)
{
struct ip_vs_conn *cp;
struct ip_vs_conn_param p;
ah_esp_conn_fill_param_proto(ipvs, af, iph, &p);
cp = ip_vs_conn_out_get(&p);
if (!cp) {
IP_VS_DBG_BUF(12, "Unknown ISAKMP entry for inout packet "
"%s%s %s->%s\n",
ip_vs_iph_icmp(iph) ? "ICMP+" : "",
ip_vs_proto_get(iph->protocol)->name,
IP_VS_DBG_ADDR(af, &iph->saddr),
IP_VS_DBG_ADDR(af, &iph->daddr));
}
return cp;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| wensong zhang | wensong zhang | 68 | 60.18% | 1 | 9.09% |
| julius volz | julius volz | 19 | 16.81% | 3 | 27.27% |
| simon horman | simon horman | 7 | 6.19% | 1 | 9.09% |
| hans schillstrom | hans schillstrom | 7 | 6.19% | 2 | 18.18% |
| eric w. biederman | eric w. biederman | 6 | 5.31% | 2 | 18.18% |
| alex gartrell | alex gartrell | 4 | 3.54% | 1 | 9.09% |
| julian anastasov | julian anastasov | 2 | 1.77% | 1 | 9.09% |
| Total | 113 | 100.00% | 11 | 100.00% |
static int
ah_esp_conn_schedule(struct netns_ipvs *ipvs, int af, struct sk_buff *skb,
struct ip_vs_proto_data *pd,
int *verdict, struct ip_vs_conn **cpp,
struct ip_vs_iphdr *iph)
{
/*
* AH/ESP is only related traffic. Pass the packet to IP stack.
*/
*verdict = NF_ACCEPT;
return 0;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| wensong zhang | wensong zhang | 31 | 64.58% | 1 | 16.67% |
| jesper dangaard brouer | jesper dangaard brouer | 5 | 10.42% | 1 | 16.67% |
| eric w. biederman | eric w. biederman | 5 | 10.42% | 1 | 16.67% |
| julius volz | julius volz | 5 | 10.42% | 2 | 33.33% |
| hans schillstrom | hans schillstrom | 2 | 4.17% | 1 | 16.67% |
| Total | 48 | 100.00% | 6 | 100.00% |
#ifdef CONFIG_IP_VS_PROTO_AH
struct ip_vs_protocol ip_vs_protocol_ah = {
.name = "AH",
.protocol = IPPROTO_AH,
.num_states = 1,
.dont_defrag = 1,
.init = NULL,
.exit = NULL,
.conn_schedule = ah_esp_conn_schedule,
.conn_in_get = ah_esp_conn_in_get,
.conn_out_get = ah_esp_conn_out_get,
.snat_handler = NULL,
.dnat_handler = NULL,
.csum_check = NULL,
.state_transition = NULL,
.register_app = NULL,
.unregister_app = NULL,
.app_conn_bind = NULL,
.debug_packet = ip_vs_tcpudp_debug_packet,
.timeout_change = NULL, /* ISAKMP */
};
#endif
#ifdef CONFIG_IP_VS_PROTO_ESP
struct ip_vs_protocol ip_vs_protocol_esp = {
.name = "ESP",
.protocol = IPPROTO_ESP,
.num_states = 1,
.dont_defrag = 1,
.init = NULL,
.exit = NULL,
.conn_schedule = ah_esp_conn_schedule,
.conn_in_get = ah_esp_conn_in_get,
.conn_out_get = ah_esp_conn_out_get,
.snat_handler = NULL,
.dnat_handler = NULL,
.csum_check = NULL,
.state_transition = NULL,
.register_app = NULL,
.unregister_app = NULL,
.app_conn_bind = NULL,
.debug_packet = ip_vs_tcpudp_debug_packet,
.timeout_change = NULL, /* ISAKMP */
};
#endif
Overall Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| wensong zhang | wensong zhang | 294 | 47.57% | 1 | 4.76% |
| julius volz | julius volz | 155 | 25.08% | 3 | 14.29% |
| simon horman | simon horman | 68 | 11.00% | 1 | 4.76% |
| hans schillstrom | hans schillstrom | 26 | 4.21% | 3 | 14.29% |
| eric w. biederman | eric w. biederman | 21 | 3.40% | 4 | 19.05% |
| julian anastasov | julian anastasov | 16 | 2.59% | 4 | 19.05% |
| alex gartrell | alex gartrell | 12 | 1.94% | 1 | 4.76% |
| hannes eder | hannes eder | 11 | 1.78% | 1 | 4.76% |
| arnaldo carvalho de melo | arnaldo carvalho de melo | 6 | 0.97% | 1 | 4.76% |
| jesper dangaard brouer | jesper dangaard brouer | 5 | 0.81% | 1 | 4.76% |
| hideaki yoshifuji | hideaki yoshifuji | 4 | 0.65% | 1 | 4.76% |
| Total | 618 | 100.00% | 21 | 100.00% |
Information contained on this website is for historical information purposes only and does not indicate or represent copyright ownership.