projects / deliverable / linux.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ipvs: add sysctl to ignore tunneled packets
[deliverable/linux.git] / net / netfilter / ipvs / ip_vs_core.c
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
index 99be6801c79570e206e4ef1dcab781b48fa7b323..453972c6909ede5c050267dbd3665511df507bf8 100644 (file)
--- a/net/netfilter/ipvs/ip_vs_core.c
+++ b/net/netfilter/ipvs/ip_vs_core.c
@@ -1760,8 +1760,16 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af)
 
        /* Protocol supported? */
        pd = ip_vs_proto_data_get(net, iph.protocol);
-       if (unlikely(!pd))
+       if (unlikely(!pd)) {
+               /* The only way we'll see this packet again is if it's
+                * encapsulated, so mark it with ipvs_property=1 so we
+                * skip it if we're ignoring tunneled packets
+                */
+               if (sysctl_ignore_tunneled(ipvs))
+                       skb->ipvs_property = 1;
+
                return NF_ACCEPT;
+       }
        pp = pd->pp;
        /*
         * Check if the packet belongs to an existing connection entry
Linux kernel - Deliverables
This page took 0.026311 seconds and 5 git commands to generate.