diff options
author | Julian Anastasov <ja@ssi.bg> | 2013-06-18 10:08:08 +0300 |
---|---|---|
committer | Simon Horman <horms@verge.net.au> | 2013-06-26 18:01:46 +0900 |
commit | acaac5d8bbedf6bd96f53960780942e1ad90d70e (patch) | |
tree | 1ca1330aa7ce1c584ccfa92d5fb760cc80ee107a /net/netfilter | |
parent | 61e7c420b4b2a797ac209106ba743ab6ebe984d8 (diff) |
ipvs: drop SCTP connections depending on state
Drop SCTP connections under load (dropentry context) depending
on the protocol state, just like for TCP: INIT conns are
dropped immediately, established are dropped randomly while
connections in progress or shutdown are skipped.
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>
Diffstat (limited to 'net/netfilter')
-rw-r--r-- | net/netfilter/ipvs/ip_vs_conn.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c index c8c52a98590..4c8e5c0aa1a 100644 --- a/net/netfilter/ipvs/ip_vs_conn.c +++ b/net/netfilter/ipvs/ip_vs_conn.c @@ -1231,6 +1231,18 @@ void ip_vs_random_dropentry(struct net *net) default: continue; } + } else if (cp->protocol == IPPROTO_SCTP) { + switch (cp->state) { + case IP_VS_SCTP_S_INIT1: + case IP_VS_SCTP_S_INIT: + break; + case IP_VS_SCTP_S_ESTABLISHED: + if (todrop_entry(cp)) + break; + continue; + default: + continue; + } } else { if (!todrop_entry(cp)) continue; |