diff --git a/README.md b/README.md index 8554ba1e4..e1eaee362 100644 --- a/README.md +++ b/README.md @@ -144,7 +144,7 @@ $ make # or "make -j40" to speed up. $ make install ``` -> may need install dependencies, like `openssl`, `popt` and `numactl`, e.g., `yum install popt-devel` (CentOS). +> may need install dependencies, like `automake`, `libnl3`, `libnl-genl-3.0`, `openssl`, `popt` and `numactl`, e.g., `yum install popt-devel` (CentOS). Output files are installed to `dpvs/bin`. diff --git a/include/conf/iftraf.h b/include/conf/iftraf.h index 2ff57c838..8aef98d8b 100644 --- a/include/conf/iftraf.h +++ b/include/conf/iftraf.h @@ -1,60 +1,59 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -#ifndef __DPVS_IFTRAF_CONF_H__ -#define __DPVS_IFTRAF_CONF_H__ -#include -#include -#include "inet.h" - -enum { - /* set */ - SOCKOPT_SET_IFTRAF_ADD = 6400, - SOCKOPT_SET_IFTRAF_DEL, - - /* get */ - SOCKOPT_GET_IFTRAF_SHOW, -}; - -struct dp_vs_iftraf_conf { - char ifname[IFNAMSIZ]; -} __attribute__((__packed__)); - - -struct iftraf_param { - uint8_t af; - uint8_t proto; - uint8_t cid; - uint16_t devid; - char ifname[IFNAMSIZ]; - union inet_addr saddr; - union inet_addr daddr; - uint16_t sport; - uint16_t dport; - - uint32_t total_recv; - uint32_t total_sent; - -} __attribute__((__packed__)); - -struct iftraf_param_array { - int ntrafs; - struct iftraf_param iftraf[0]; -}; - -#endif /* __DPVS_INETADDR_CONF_H__ */ - +/* + * DPVS is a software load balancer (Virtual Server) based on DPDK. + * + * Copyright (C) 2017 iQIYI (www.iqiyi.com). + * All Rights Reserved. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + */ +#ifndef __DPVS_IFTRAF_CONF_H__ +#define __DPVS_IFTRAF_CONF_H__ +#include +#include +#include "inet.h" + +enum { + /* set */ + SOCKOPT_SET_IFTRAF_ADD = 6400, + SOCKOPT_SET_IFTRAF_DEL, + + /* get */ + SOCKOPT_GET_IFTRAF_SHOW, +}; + +struct dp_vs_iftraf_conf { + char ifname[IFNAMSIZ]; +} __attribute__((__packed__)); + + +struct iftraf_param { + uint8_t af; + uint8_t proto; + uint8_t cid; + uint16_t devid; + char ifname[IFNAMSIZ]; + union inet_addr saddr; + union inet_addr daddr; + uint16_t sport; + uint16_t dport; + + uint32_t total_recv; + uint32_t total_sent; + +} __attribute__((__packed__)); + +struct iftraf_param_array { + int ntrafs; + struct iftraf_param iftraf[0]; +}; + +#endif /* __DPVS_INETADDR_CONF_H__ */ diff --git a/include/global_data.h b/include/global_data.h index dab9f698d..5df19d274 100644 --- a/include/global_data.h +++ b/include/global_data.h @@ -50,6 +50,7 @@ extern dpvs_lcore_role_t g_lcore_role[DPVS_MAX_LCORE]; * anything else -1 * */ extern int g_lcore_index[DPVS_MAX_LCORE]; +extern int g_lcore_num; int global_data_init(void); int global_data_term(void); diff --git a/include/iftraf.h b/include/iftraf.h index 6a084f61a..c48aab17e 100644 --- a/include/iftraf.h +++ b/include/iftraf.h @@ -1,37 +1,36 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -#ifndef __IFTRAF_H__ -#define __IFTRAF_H__ - -#include "conf/common.h" -#include "list.h" -#include "dpdk.h" -#include "timer.h" -#include "inet.h" -#include "ctrl.h" - -int iftraf_sockopt_get(sockoptid_t opt, const void *conf, size_t size, void **out, size_t *outsize); - -int iftraf_pkt_in(int af, struct rte_mbuf *mbuf, struct netif_port *dev); -int iftraf_pkt_out(int af, struct rte_mbuf *mbuf, struct netif_port *dev); - -int iftraf_init(void); -int iftraf_term(void); /* cleanup */ - -#endif - +/* + * DPVS is a software load balancer (Virtual Server) based on DPDK. + * + * Copyright (C) 2017 iQIYI (www.iqiyi.com). + * All Rights Reserved. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + */ +#ifndef __IFTRAF_H__ +#define __IFTRAF_H__ + +#include "conf/common.h" +#include "list.h" +#include "dpdk.h" +#include "timer.h" +#include "inet.h" +#include "ctrl.h" + +int iftraf_sockopt_get(sockoptid_t opt, const void *conf, size_t size, void **out, size_t *outsize); + +int iftraf_pkt_in(int af, struct rte_mbuf *mbuf, struct netif_port *dev); +int iftraf_pkt_out(int af, struct rte_mbuf *mbuf, struct netif_port *dev); + +int iftraf_init(void); +int iftraf_term(void); /* cleanup */ + +#endif diff --git a/include/ipvs/blklst.h b/include/ipvs/blklst.h index 10ab86d42..f6f980a51 100644 --- a/include/ipvs/blklst.h +++ b/include/ipvs/blklst.h @@ -23,13 +23,14 @@ struct blklst_entry { struct list_head list; - union inet_addr vaddr; - uint16_t vport; + int af; uint8_t proto; + uint16_t vport; + union inet_addr vaddr; union inet_addr blklst; }; -struct blklst_entry *dp_vs_blklst_lookup(uint8_t proto, const union inet_addr *vaddr, +struct blklst_entry *dp_vs_blklst_lookup(int af, uint8_t proto, const union inet_addr *vaddr, uint16_t vport, const union inet_addr *blklst); void dp_vs_blklst_flush(struct dp_vs_service *svc); diff --git a/include/ipvs/conn.h b/include/ipvs/conn.h index 9306e11ec..05aa9b16f 100644 --- a/include/ipvs/conn.h +++ b/include/ipvs/conn.h @@ -329,7 +329,7 @@ dp_vs_conn_clear_redirect_hashed(struct dp_vs_conn *conn) conn->flags &= ~DPVS_CONN_F_REDIRECT_HASHED; } -inline uint32_t dp_vs_conn_hashkey(int af, +uint32_t dp_vs_conn_hashkey(int af, const union inet_addr *saddr, uint16_t sport, const union inet_addr *daddr, uint16_t dport, uint32_t mask); diff --git a/include/ipvs/dest.h b/include/ipvs/dest.h index 6da5788e1..4242efe0b 100644 --- a/include/ipvs/dest.h +++ b/include/ipvs/dest.h @@ -69,6 +69,18 @@ dp_vs_dest_is_avail(struct dp_vs_dest *dest) return (dest->flags & DPVS_DEST_F_AVAILABLE) ? true : false; } +static inline void +dp_vs_dest_set_avail(struct dp_vs_dest *dest) +{ + dest->flags |= DPVS_DEST_F_AVAILABLE; +} + +static inline void +dp_vs_dest_clear_avail(struct dp_vs_dest *dest) +{ + dest->flags &= ~DPVS_DEST_F_AVAILABLE; +} + static inline bool dp_vs_dest_is_overload(struct dp_vs_dest *dest) { @@ -90,24 +102,24 @@ dp_vs_dest_is_valid(struct dp_vs_dest *dest) && dp_vs_dest_get_weight(dest) > 0) ? true : false; } -int dp_vs_new_dest(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest, +int dp_vs_dest_new(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest, struct dp_vs_dest **dest_p); -struct dp_vs_dest *dp_vs_lookup_dest(int af, struct dp_vs_service *svc, +struct dp_vs_dest *dp_vs_dest_lookup(int af, struct dp_vs_service *svc, const union inet_addr *daddr, uint16_t dport); -int dp_vs_add_dest(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest); +int dp_vs_dest_add(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest); -int dp_vs_edit_dest(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest); +int dp_vs_dest_edit(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest); -void dp_vs_unlink_dest(struct dp_vs_service *svc, +void dp_vs_dest_unlink(struct dp_vs_service *svc, struct dp_vs_dest *dest, int svcupd); void dp_vs_dest_put(struct dp_vs_dest *dest); -int dp_vs_del_dest(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest); +int dp_vs_dest_del(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest); -int dp_vs_get_dest_entries(const struct dp_vs_service *svc, +int dp_vs_dest_get_entries(const struct dp_vs_service *svc, struct dp_vs_get_dests *uptr); int dp_vs_dest_init(void); diff --git a/include/ipvs/service.h b/include/ipvs/service.h index 10faee647..e78fbb2f3 100644 --- a/include/ipvs/service.h +++ b/include/ipvs/service.h @@ -102,13 +102,13 @@ int dp_vs_match_parse(const char *srange, const char *drange, const char *iifname, const char *oifname, int af, struct dp_vs_match *match); -void dp_vs_bind_svc(struct dp_vs_dest *dest, struct dp_vs_service *svc); +void dp_vs_service_bind(struct dp_vs_dest *dest, struct dp_vs_service *svc); -void dp_vs_unbind_svc(struct dp_vs_dest *dest); +void dp_vs_service_unbind(struct dp_vs_dest *dest); -void dp_vs_svc_put(struct dp_vs_service *svc); +void dp_vs_service_put(struct dp_vs_service *svc); -struct dp_vs_service *dp_vs_lookup_vip(int af, uint16_t protocol, +struct dp_vs_service *dp_vs_vip_lookup(int af, uint16_t protocol, const union inet_addr *vaddr, lcoreid_t cid); diff --git a/include/ipvs/stats.h b/include/ipvs/stats.h index 91fd760b9..16376ed3e 100644 --- a/include/ipvs/stats.h +++ b/include/ipvs/stats.h @@ -85,7 +85,7 @@ int dp_vs_stats_init(void); int dp_vs_stats_term(void); void dp_vs_stats_clear(struct dp_vs_stats *stats); - +int dp_vs_stats_add(struct dp_vs_stats *dst, struct dp_vs_stats *src); int dp_vs_stats_in(struct dp_vs_conn *conn, struct rte_mbuf *mbuf); int dp_vs_stats_out(struct dp_vs_conn *conn, struct rte_mbuf *mbuf); void dp_vs_stats_conn(struct dp_vs_conn *conn); @@ -93,8 +93,5 @@ void dp_vs_stats_conn(struct dp_vs_conn *conn); void dp_vs_estats_inc(enum dp_vs_estats_type field); void dp_vs_estats_clear(void); uint64_t dp_vs_estats_get(enum dp_vs_estats_type field); -int dp_vs_add_stats(struct dp_vs_stats* dst, struct dp_vs_stats* src); - -int dp_vs_copy_stats(struct dp_vs_stats* dst, struct dp_vs_stats* src); #endif /* __DPVS_STATS_H__ */ diff --git a/include/timer.h b/include/timer.h index e02691301..eef282b65 100644 --- a/include/timer.h +++ b/include/timer.h @@ -50,8 +50,8 @@ struct dpvs_timer { dpvs_tick_t delay; }; -inline dpvs_tick_t timeval_to_ticks(const struct timeval *tv); -inline void ticks_to_timeval(const dpvs_tick_t ticks, struct timeval *tv); +dpvs_tick_t timeval_to_ticks(const struct timeval *tv); +void ticks_to_timeval(const dpvs_tick_t ticks, struct timeval *tv); int dpvs_timer_init(void); int dpvs_timer_term(void); diff --git a/kmod/uoa/example/Makefile b/kmod/uoa/example/Makefile index bc6924acf..55aa0c45c 100644 --- a/kmod/uoa/example/Makefile +++ b/kmod/uoa/example/Makefile @@ -22,7 +22,7 @@ all: udp_serv uperf opp CFLAGS = -g -O0 -CFLAGS += -I ../../../include -I ../ +CFLAGS += -I ../../../include/ -I ../../../include/conf -I ../ udp_serv: udp_serv.c gcc $(CFLAGS) -o udp_serv udp_serv.c diff --git a/src/VERSION b/src/VERSION index 11a7ee49d..5df841394 100755 --- a/src/VERSION +++ b/src/VERSION @@ -1,42 +1,42 @@ #!/bin/sh - # program: dpvs -# Feb 12, 2020 - +# May 13, 2020 +# +##################################### +# This is a bugfix verison of v1.8.2. +##################################### +# # # Features # ---------- -# - **Per-cpu refactor for service/dest/inetaddr/laddr/sapool modules.** -# - **Keepalived upgrades from v1.2.13 to v2.0.19.** -# - **Add supports for newer dpdk: dpdk-stable-18.11.2 and dpdk-stable-17.11.6.** -# - Add dpvs `scheduler module` to manage jobs on master and slaves in the same fasion. -# - Add support for Mallenox 25G NIC MLX5. -# - Add `iftraf module` to collect top N traffic clients. -# - Add dpvs worker performance tuning doc. -# - Add `debug module` for dpvs. -# - Use dpvs mempool to allocate memory. -# - Enable dpdk pdump tool for DPVS. -# - Show the concrete neighbour entry info when its queue is full. -# - Adjust header files used both by tools(keepalived/dpip/ipvsadm) and dpvs. # # # # Bugfix # -------- -# - Use async multicast msg to avoid config setting failures caused by msg timeout. -# - Alleviate the NIC imiss problem caused by inetaddr lock and heap memory. -# - Reduce sapool stats lookup failure problem. -# - Fix memory underflow problem and add more debug info for dpvs mempool. -# - Fix failure problem when add ipv6 addresses. -# - Fix crash problem when delete all local addresses. -# - Fix toa ipv6 crash problem caused by page write protect. -# - Fix memory leak problem in `tunnel_xmit`. -# - Fix crash problem when out of memory. -# - Fix problem when DPDK EAL param '--master-lcore' or '--lcores' is used. -# - Patch dpdk-stable-17.11.2 to support rh75. -# - Several optimizations of memory allocation from eal heaps. -# - Refactor several code episodes to make logic clear. -# - Adjust some logs. +# - Keepalived: Fix virtual server partial deletion problem when configured with virtual server group. +# - Keepalived: Fix realserver deletion problem when the realservers marked as down state by health_checker. +# - Keepalived: Fix reload problem for some configurations, such as conn timeout, blklst addresses, etc. +# - Keepalived: Fix configurations would not load problem after restart on occasion. +# - Keepalived: Fix port transition support problem in fullnat mode. +# - Keepalived: Fix logging problem for MATCH/ICMP/ICMPv6 in keepalived. +# - Keepalived: Fix snat configuration and reload problem. +# - Keepalived: Fix conhash scheduler configuration problem in keepalived. +# - Keepalived: Fix incorrect ipvs stats problem caused by mismatch structures of keepalived and dpvs. +# - Keepalived: Fix crash when snat and fullnat configured together. +# - Keepalived: Fix address family setting problem for nat64 forwarding. +# - Keepalived: Fix dpvs route setting problem in keepalived vrrp. +# - Keepalived: Fix laddr configuration problems with ip range style. +# - Keepalived: Mergerd virtual server group address into range list. +# - Keepalived: Update libipvs and related headers. +# - Ipvsadm: do not show address family for MATCH rule. +# - Dpvs: Fix ipv6 and nat64 blklst support problem. +# - Dpvs: Fix duplicated ipv4 local-in routes problem. +# - Dpvs: Allow to use non-continuous lcores, like "-l 0,1-8,11-18". +# - Dpvs: Fix crash prolbem when cpu id is not set correctly by ipvsadm. +# - Dpvs: Fix compile error caused by inline method. +# - Dpvs: Fix a array boundary overflow issue. export VERSION=1.8 -export RELEASE=2 +export RELEASE=4 echo $VERSION-$RELEASE diff --git a/src/global_data.c b/src/global_data.c index 777bb3f86..dfae3193d 100644 --- a/src/global_data.c +++ b/src/global_data.c @@ -23,12 +23,14 @@ uint64_t g_cycles_per_sec; dpvs_lcore_role_t g_lcore_role[DPVS_MAX_LCORE]; int g_lcore_index[DPVS_MAX_LCORE]; +int g_lcore_num; int global_data_init(void) { int i; g_cycles_per_sec = rte_get_timer_hz(); + g_lcore_num = 0; for (i = 0; i < DPVS_MAX_LCORE; i++) { g_lcore_role[i] = LCORE_ROLE_IDLE; diff --git a/src/inetaddr.c b/src/inetaddr.c index 565f3c7ce..c28202206 100644 --- a/src/inetaddr.c +++ b/src/inetaddr.c @@ -537,6 +537,9 @@ static int ifa_add_route4(struct inet_ifaddr *ifa) if (err != EDPVS_OK) goto errout; + if (ifa->plen == 32) + return EDPVS_OK; + err = route_add(&net.in, ifa->plen, RTF_FORWARD, NULL, ifa->idev->dev, &ifa->addr.in, 0, 0); if (err != EDPVS_OK && err != EDPVS_EXIST) @@ -1122,13 +1125,15 @@ static int copy_lcore_entries(const struct inet_device *idev, static int ifa_msg_get_cb(struct dpvs_msg *msg) { int ifa_cnt, len; + void *ptr; struct inet_device *idev; struct inet_addr_data_array *array; lcoreid_t cid = rte_lcore_id(); if (!msg || (msg->len && msg->len != sizeof(idev))) return EDPVS_INVAL; - idev = msg->len ? (struct inet_device *)msg->data : NULL; + ptr = msg->len ? (void*)msg->data : NULL; + idev = ptr ? (*(struct inet_device **)ptr) : NULL; if (idev) ifa_cnt = idev->ifa_cnt[cid]; @@ -1484,7 +1489,7 @@ static int ifaddr_get_stats(struct inet_device *idev, struct inet_addr_data_arra /* collect ifa sapool stats from slaves */ if (idev) - msg = msg_make(MSG_TYPE_IFA_GET, 0, DPVS_MSG_MULTICAST, rte_lcore_id(), sizeof(idev), idev); + msg = msg_make(MSG_TYPE_IFA_GET, 0, DPVS_MSG_MULTICAST, rte_lcore_id(), sizeof(idev), &idev); else msg = msg_make(MSG_TYPE_IFA_GET, 0, DPVS_MSG_MULTICAST, rte_lcore_id(), 0, NULL); if (!msg) { @@ -1550,7 +1555,7 @@ static int ifaddr_get_verbose(struct inet_device *idev, struct inet_addr_data_ar off = array->naddr; if (idev) - msg = msg_make(MSG_TYPE_IFA_GET, 0, DPVS_MSG_MULTICAST, rte_lcore_id(), sizeof(idev), idev); + msg = msg_make(MSG_TYPE_IFA_GET, 0, DPVS_MSG_MULTICAST, rte_lcore_id(), sizeof(idev), &idev); else msg = msg_make(MSG_TYPE_IFA_GET, 0, DPVS_MSG_MULTICAST, rte_lcore_id(), 0, NULL); if (!msg) { diff --git a/src/ipvs/ip_vs_blklst.c b/src/ipvs/ip_vs_blklst.c index e4152bd47..6efa8d1c2 100644 --- a/src/ipvs/ip_vs_blklst.c +++ b/src/ipvs/ip_vs_blklst.c @@ -56,29 +56,30 @@ static inline uint32_t blklst_hashkey(const union inet_addr *vaddr, + dp_vs_blklst_rnd) & DPVS_BLKLST_TAB_MASK; } -struct blklst_entry *dp_vs_blklst_lookup(uint8_t proto, const union inet_addr *vaddr, +struct blklst_entry *dp_vs_blklst_lookup(int af, uint8_t proto, const union inet_addr *vaddr, uint16_t vport, const union inet_addr *blklst) { unsigned hashkey; struct blklst_entry *blklst_node; hashkey = blklst_hashkey(vaddr, blklst); - list_for_each_entry(blklst_node, &this_blklst_tab[hashkey], list){ - if (blklst_node->vaddr.in.s_addr == vaddr->in.s_addr && - blklst_node->blklst.in.s_addr == blklst->in.s_addr && - blklst_node->proto == proto && - blklst_node->vport == vport) + list_for_each_entry(blklst_node, &this_blklst_tab[hashkey], list) { + if (blklst_node->af == af && blklst_node->proto == proto && + blklst_node->vport == vport && + inet_addr_equal(af, &blklst_node->vaddr, vaddr) && + inet_addr_equal(af, &blklst_node->blklst, blklst)) return blklst_node; } return NULL; } -static int dp_vs_blklst_add_lcore(uint8_t proto, const union inet_addr *vaddr, +static int dp_vs_blklst_add_lcore(int af, uint8_t proto, const union inet_addr *vaddr, uint16_t vport, const union inet_addr *blklst) { unsigned hashkey; struct blklst_entry *new, *blklst_node; - blklst_node = dp_vs_blklst_lookup(proto, vaddr, vport, blklst); + + blklst_node = dp_vs_blklst_lookup(af, proto, vaddr, vport, blklst); if (blklst_node) { return EDPVS_EXIST; } @@ -89,32 +90,34 @@ static int dp_vs_blklst_add_lcore(uint8_t proto, const union inet_addr *vaddr, if (new == NULL) return EDPVS_NOMEM; - memcpy(&new->vaddr, vaddr,sizeof(union inet_addr)); - new->vport = vport; - new->proto = proto; - memcpy(&new->blklst, blklst,sizeof(union inet_addr)); + new->af = af; + new->proto = proto; + new->vport = vport; + memcpy(&new->vaddr, vaddr, sizeof(union inet_addr)); + memcpy(&new->blklst, blklst, sizeof(union inet_addr)); list_add(&new->list, &this_blklst_tab[hashkey]); rte_atomic32_inc(&this_num_blklsts); return EDPVS_OK; } -static int dp_vs_blklst_del_lcore(uint8_t proto, const union inet_addr *vaddr, +static int dp_vs_blklst_del_lcore(int af, uint8_t proto, const union inet_addr *vaddr, uint16_t vport, const union inet_addr *blklst) { struct blklst_entry *blklst_node; - blklst_node = dp_vs_blklst_lookup(proto, vaddr, vport, blklst); + blklst_node = dp_vs_blklst_lookup(af, proto, vaddr, vport, blklst); if (blklst_node != NULL) { list_del(&blklst_node->list); rte_free(blklst_node); rte_atomic32_dec(&this_num_blklsts); return EDPVS_OK; } + return EDPVS_NOTEXIST; } -static int dp_vs_blklst_add(uint8_t proto, const union inet_addr *vaddr, +static int dp_vs_blklst_add(int af, uint8_t proto, const union inet_addr *vaddr, uint16_t vport, const union inet_addr *blklst) { lcoreid_t cid = rte_lcore_id(); @@ -123,18 +126,19 @@ static int dp_vs_blklst_add(uint8_t proto, const union inet_addr *vaddr, struct dp_vs_blklst_conf cf; if (cid != rte_get_master_lcore()) { - RTE_LOG(INFO, SERVICE, "[%s] must set from master lcore\n", __func__); + RTE_LOG(INFO, SERVICE, "%s must set from master lcore\n", __func__); return EDPVS_NOTSUPP; } memset(&cf, 0, sizeof(struct dp_vs_blklst_conf)); memcpy(&(cf.vaddr), vaddr,sizeof(union inet_addr)); memcpy(&(cf.blklst), blklst, sizeof(union inet_addr)); + cf.af = af; cf.vport = vport; cf.proto = proto; /*set blklst ip on master lcore*/ - err = dp_vs_blklst_add_lcore(proto, vaddr, vport, blklst); + err = dp_vs_blklst_add_lcore(af, proto, vaddr, vport, blklst); if (err) { RTE_LOG(INFO, SERVICE, "[%s] fail to set blklst ip\n", __func__); return err; @@ -143,7 +147,7 @@ static int dp_vs_blklst_add(uint8_t proto, const union inet_addr *vaddr, /*set blklst ip on all slave lcores*/ msg = msg_make(MSG_TYPE_BLKLST_ADD, 0, DPVS_MSG_MULTICAST, cid, sizeof(struct dp_vs_blklst_conf), &cf); - if (!msg) + if (unlikely(!msg)) return EDPVS_NOMEM; err = multicast_msg_send(msg, DPVS_MSG_F_ASYNC, NULL); if (err != EDPVS_OK) { @@ -156,7 +160,7 @@ static int dp_vs_blklst_add(uint8_t proto, const union inet_addr *vaddr, return EDPVS_OK; } -static int dp_vs_blklst_del(uint8_t proto, const union inet_addr *vaddr, +static int dp_vs_blklst_del(int af, uint8_t proto, const union inet_addr *vaddr, uint16_t vport, const union inet_addr *blklst) { lcoreid_t cid = rte_lcore_id(); @@ -165,20 +169,21 @@ static int dp_vs_blklst_del(uint8_t proto, const union inet_addr *vaddr, struct dp_vs_blklst_conf cf; if (cid != rte_get_master_lcore()) { - RTE_LOG(INFO, SERVICE, "[%s] must set from master lcore\n", __func__); + RTE_LOG(INFO, SERVICE, "%s must set from master lcore\n", __func__); return EDPVS_NOTSUPP; } memset(&cf, 0, sizeof(struct dp_vs_blklst_conf)); memcpy(&(cf.vaddr), vaddr,sizeof(union inet_addr)); memcpy(&(cf.blklst), blklst, sizeof(union inet_addr)); + cf.af = af; cf.vport = vport; cf.proto = proto; /*del blklst ip on master lcores*/ - err = dp_vs_blklst_del_lcore(proto, vaddr, vport, blklst); + err = dp_vs_blklst_del_lcore(af, proto, vaddr, vport, blklst); if (err) { - RTE_LOG(INFO, SERVICE, "[%s] fail to del blklst ip\n", __func__); + RTE_LOG(INFO, SERVICE, "%s: fail to del blklst ip\n", __func__); return err; } @@ -189,7 +194,7 @@ static int dp_vs_blklst_del(uint8_t proto, const union inet_addr *vaddr, return EDPVS_NOMEM; err = multicast_msg_send(msg, DPVS_MSG_F_ASYNC, NULL); if (err != EDPVS_OK) { - RTE_LOG(INFO, SERVICE, "[%s] fail to send multicast message\n", __func__); + RTE_LOG(INFO, SERVICE, "%s: fail to send multicast message\n", __func__); return err; } msg_destroy(&msg); @@ -197,15 +202,16 @@ static int dp_vs_blklst_del(uint8_t proto, const union inet_addr *vaddr, return EDPVS_OK; } -void dp_vs_blklst_flush(struct dp_vs_service *svc) +void dp_vs_blklst_flush(struct dp_vs_service *svc) { - struct blklst_entry *entry, *next; int hash; + struct blklst_entry *entry, *next; for (hash = 0; hash < DPVS_BLKLST_TAB_SIZE; hash++) { list_for_each_entry_safe(entry, next, &this_blklst_tab[hash], list) { - if (entry->vaddr.in.s_addr == svc->addr.in.s_addr) - dp_vs_blklst_del(entry->proto, &entry->vaddr, + if (entry->af == svc->af && + inet_addr_equal(svc->af, &entry->vaddr, &svc->addr)) + dp_vs_blklst_del(svc->af, entry->proto, &entry->vaddr, entry->vport, &entry->blklst); } } @@ -219,7 +225,7 @@ static void dp_vs_blklst_flush_all(void) for (hash = 0; hash < DPVS_BLKLST_TAB_SIZE; hash++) { list_for_each_entry_safe(entry, next, &this_blklst_tab[hash], list) { - dp_vs_blklst_del(entry->proto, &entry->vaddr, + dp_vs_blklst_del(entry->af, entry->proto, &entry->vaddr, entry->vport, &entry->blklst); } } @@ -239,11 +245,13 @@ static int blklst_sockopt_set(sockoptid_t opt, const void *conf, size_t size) switch (opt) { case SOCKOPT_SET_BLKLST_ADD: - err = dp_vs_blklst_add(blklst_conf->proto, &blklst_conf->vaddr, + err = dp_vs_blklst_add(blklst_conf->af, + blklst_conf->proto, &blklst_conf->vaddr, blklst_conf->vport, &blklst_conf->blklst); break; case SOCKOPT_SET_BLKLST_DEL: - err = dp_vs_blklst_del(blklst_conf->proto, &blklst_conf->vaddr, + err = dp_vs_blklst_del(blklst_conf->af, + blklst_conf->proto, &blklst_conf->vaddr, blklst_conf->vport, &blklst_conf->blklst); break; default: @@ -254,11 +262,11 @@ static int blklst_sockopt_set(sockoptid_t opt, const void *conf, size_t size) return err; } -static void blklst_fill_conf(int af, struct dp_vs_blklst_conf *cf, +static void blklst_fill_conf(struct dp_vs_blklst_conf *cf, const struct blklst_entry *entry) { memset(cf, 0 ,sizeof(*cf)); - cf->af = af; + cf->af = entry->af; cf->vaddr = entry->vaddr; cf->blklst = entry->blklst; cf->proto = entry->proto; @@ -286,7 +294,7 @@ static int blklst_sockopt_get(sockoptid_t opt, const void *conf, size_t size, list_for_each_entry(entry, &this_blklst_tab[hash], list) { if (off >= naddr) break; - blklst_fill_conf(AF_INET, &array->blklsts[off++], entry); + blklst_fill_conf(&array->blklsts[off++], entry); } } @@ -307,9 +315,9 @@ static int blklst_msg_process(bool add, struct dpvs_msg *msg) cf = (struct dp_vs_blklst_conf *)msg->data; if (add) - err = dp_vs_blklst_add_lcore(cf->proto, &cf->vaddr, cf->vport, &cf->blklst); + err = dp_vs_blklst_add_lcore(cf->af, cf->proto, &cf->vaddr, cf->vport, &cf->blklst); else - err = dp_vs_blklst_del_lcore(cf->proto, &cf->vaddr, cf->vport, &cf->blklst); + err = dp_vs_blklst_del_lcore(cf->af, cf->proto, &cf->vaddr, cf->vport, &cf->blklst); if (err != EDPVS_OK) RTE_LOG(ERR, SERVICE, "%s: fail to %s blklst: %s.\n", __func__, add ? "add" : "del", dpvs_strerror(err)); diff --git a/src/ipvs/ip_vs_conn.c b/src/ipvs/ip_vs_conn.c index 2002fdd5c..c7823c75e 100644 --- a/src/ipvs/ip_vs_conn.c +++ b/src/ipvs/ip_vs_conn.c @@ -1082,7 +1082,7 @@ int dp_vs_check_template(struct dp_vs_conn *ct) /* check the dest server status */ if ((NULL == dest) || - !(dest->flags & DPVS_DEST_F_AVAILABLE) || + !dp_vs_dest_is_avail(dest) || (conn_expire_quiescent_template && rte_atomic16_read(&dest->weight) == 0)) { #ifdef CONFIG_DPVS_IPVS_DEBUG diff --git a/src/ipvs/ip_vs_core.c b/src/ipvs/ip_vs_core.c index 6c10e0300..85076d2f3 100644 --- a/src/ipvs/ip_vs_core.c +++ b/src/ipvs/ip_vs_core.c @@ -1083,8 +1083,8 @@ static int __dp_vs_pre_routing(void *priv, struct rte_mbuf *mbuf, /* Drop udp packet which send to tcp-vip */ if (g_defence_udp_drop && IPPROTO_UDP == iph.proto) { - if ((svc = dp_vs_lookup_vip(af, IPPROTO_UDP, &iph.daddr, rte_lcore_id())) == NULL) { - if ((svc = dp_vs_lookup_vip(af, IPPROTO_TCP, &iph.daddr, rte_lcore_id())) != NULL) { + if ((svc = dp_vs_vip_lookup(af, IPPROTO_UDP, &iph.daddr, rte_lcore_id())) == NULL) { + if ((svc = dp_vs_vip_lookup(af, IPPROTO_TCP, &iph.daddr, rte_lcore_id())) != NULL) { dp_vs_estats_inc(DEFENCE_UDP_DROP); return INET_DROP; } diff --git a/src/ipvs/ip_vs_dest.c b/src/ipvs/ip_vs_dest.c index 0f947bd25..405661bb5 100644 --- a/src/ipvs/ip_vs_dest.c +++ b/src/ipvs/ip_vs_dest.c @@ -31,7 +31,7 @@ struct list_head dp_vs_dest_trash = LIST_HEAD_INIT(dp_vs_dest_trash); -struct dp_vs_dest *dp_vs_lookup_dest(int af, +struct dp_vs_dest *dp_vs_dest_lookup(int af, struct dp_vs_service *svc, const union inet_addr *daddr, uint16_t dport) @@ -47,7 +47,7 @@ struct dp_vs_dest *dp_vs_lookup_dest(int af, return NULL; } -static void __dp_vs_update_dest(struct dp_vs_service *svc, +static void __dp_vs_dest_update(struct dp_vs_service *svc, struct dp_vs_dest *dest, struct dp_vs_dest_conf *udest) { @@ -58,7 +58,8 @@ static void __dp_vs_update_dest(struct dp_vs_service *svc, rte_atomic16_set(&dest->conn_flags, conn_flags); - dest->flags |= DPVS_DEST_F_AVAILABLE; + + dp_vs_dest_set_avail(dest); if (udest->max_conn == 0 || udest->max_conn > dest->max_conn) dest->flags &= ~DPVS_DEST_F_OVERLOAD; @@ -67,7 +68,7 @@ static void __dp_vs_update_dest(struct dp_vs_service *svc, } -int dp_vs_new_dest(struct dp_vs_service *svc, +int dp_vs_dest_new(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest, struct dp_vs_dest **dest_p) { @@ -95,16 +96,16 @@ int dp_vs_new_dest(struct dp_vs_service *svc, rte_atomic32_set(&dest->inactconns, 0); rte_atomic32_set(&dest->persistconns, 0); rte_atomic32_set(&dest->refcnt, 1); - dp_vs_bind_svc(dest, svc); + dp_vs_service_bind(dest, svc); - __dp_vs_update_dest(svc, dest, udest); + __dp_vs_dest_update(svc, dest, udest); *dest_p = dest; return EDPVS_OK; } int -dp_vs_add_dest(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest) +dp_vs_dest_add(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest) { struct dp_vs_dest *dest; union inet_addr daddr; @@ -127,7 +128,7 @@ dp_vs_add_dest(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest) /* * Check if the dest already exists in the list */ - dest = dp_vs_lookup_dest(udest->af, svc, &daddr, dport); + dest = dp_vs_dest_lookup(udest->af, svc, &daddr, dport); if (dest != NULL) { RTE_LOG(DEBUG, SERVICE, "%s: dest already exists.\n", __func__); @@ -137,7 +138,7 @@ dp_vs_add_dest(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest) /* * Allocate and initialize the dest structure */ - ret = dp_vs_new_dest(svc, udest, &dest); + ret = dp_vs_dest_new(svc, udest, &dest); if (ret) { return ret; } @@ -154,7 +155,7 @@ dp_vs_add_dest(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest) } int -dp_vs_edit_dest(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest) +dp_vs_dest_edit(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest) { struct dp_vs_dest *dest; union inet_addr daddr; @@ -177,7 +178,7 @@ dp_vs_edit_dest(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest) /* * Lookup the destination list */ - dest = dp_vs_lookup_dest(udest->af, svc, &daddr, dport); + dest = dp_vs_dest_lookup(udest->af, svc, &daddr, dport); if (dest == NULL) { RTE_LOG(DEBUG, SERVICE,"%s(): dest doesn't exist\n", __func__); @@ -187,7 +188,7 @@ dp_vs_edit_dest(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest) /* Save old weight */ old_weight = rte_atomic16_read(&dest->weight); - __dp_vs_update_dest(svc, dest, udest); + __dp_vs_dest_update(svc, dest, udest); /* Update service weight */ svc->weight = svc->weight - old_weight + udest->weight; @@ -213,7 +214,7 @@ void dp_vs_dest_put(struct dp_vs_dest *dest) return; if (rte_atomic32_dec_and_test(&dest->refcnt)) { - dp_vs_unbind_svc(dest); + dp_vs_service_unbind(dest); rte_free(dest); } } @@ -221,10 +222,10 @@ void dp_vs_dest_put(struct dp_vs_dest *dest) /* * Unlink a destination from the given service */ -void dp_vs_unlink_dest(struct dp_vs_service *svc, +void dp_vs_dest_unlink(struct dp_vs_service *svc, struct dp_vs_dest *dest, int svcupd) { - dest->flags &= ~DPVS_DEST_F_AVAILABLE; + dp_vs_dest_clear_avail(dest); /* * Remove it from the d-linked destination list. @@ -250,12 +251,12 @@ void dp_vs_unlink_dest(struct dp_vs_service *svc, } int -dp_vs_del_dest(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest) +dp_vs_dest_del(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest) { struct dp_vs_dest *dest; uint16_t dport = udest->port; - dest = dp_vs_lookup_dest(udest->af, svc, &udest->addr, dport); + dest = dp_vs_dest_lookup(udest->af, svc, &udest->addr, dport); if (dest == NULL) { RTE_LOG(DEBUG, SERVICE,"%s(): destination not found!\n", __func__); @@ -265,7 +266,7 @@ dp_vs_del_dest(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest) /* * Unlink dest from the service */ - dp_vs_unlink_dest(svc, dest, 1); + dp_vs_dest_unlink(svc, dest, 1); /* * Delete the destination @@ -275,7 +276,7 @@ dp_vs_del_dest(struct dp_vs_service *svc, struct dp_vs_dest_conf *udest) return EDPVS_OK; } -int dp_vs_get_dest_entries(const struct dp_vs_service *svc, +int dp_vs_dest_get_entries(const struct dp_vs_service *svc, struct dp_vs_get_dests *uptr) { int ret = 0; @@ -299,7 +300,7 @@ int dp_vs_get_dest_entries(const struct dp_vs_service *svc, entry.actconns = rte_atomic32_read(&dest->actconns); entry.inactconns = rte_atomic32_read(&dest->inactconns); entry.persistconns = rte_atomic32_read(&dest->persistconns); - ret = dp_vs_add_stats(&(entry.stats), &dest->stats); + ret = dp_vs_stats_add(&(entry.stats), &dest->stats); if (ret != EDPVS_OK) break; diff --git a/src/ipvs/ip_vs_fo.c b/src/ipvs/ip_vs_fo.c index 6b2ffcef4..080d933fc 100644 --- a/src/ipvs/ip_vs_fo.c +++ b/src/ipvs/ip_vs_fo.c @@ -30,8 +30,8 @@ static struct dp_vs_dest *dp_vs_fo_schedule(struct dp_vs_service *svc, * find virtual server with highest weight and send it traffic */ list_for_each_entry(dest, &svc->dests, n_list) { - if (!(dest->flags & DPVS_DEST_F_OVERLOAD) && - (dest->flags & DPVS_DEST_F_AVAILABLE) && + if (!dp_vs_dest_is_overload(dest) && + dp_vs_dest_is_avail(dest) && (rte_atomic16_read(&dest->weight) > hw)) { hweight = dest; hw = rte_atomic16_read(&dest->weight); diff --git a/src/ipvs/ip_vs_laddr.c b/src/ipvs/ip_vs_laddr.c index 01873ed3f..daf6ef078 100644 --- a/src/ipvs/ip_vs_laddr.c +++ b/src/ipvs/ip_vs_laddr.c @@ -525,6 +525,7 @@ static int get_msg_cb(struct dpvs_msg *msg) *laddrs = *laddr_conf; laddrs->nladdrs = naddr; + laddrs->cid = cid; for (i = 0; i < naddr; i++) { laddrs->laddrs[i].af = addrs[i].af; laddrs->laddrs[i].addr = addrs[i].addr; @@ -554,12 +555,17 @@ static int dp_vs_copy_percore_laddrs_stats(struct dp_vs_laddr_conf *master_laddr return EDPVS_OK; } -static void opt2cpu(sockoptid_t opt, sockoptid_t *new_opt, lcoreid_t *cid) +static int opt2cpu(sockoptid_t opt, sockoptid_t *new_opt, lcoreid_t *cid) { - *cid = g_lcore_index[opt - SOCKOPT_GET_LADDR_GETALL]; + int index = opt - SOCKOPT_GET_LADDR_GETALL; + if (index >= g_lcore_num) { + return -1; + } + *cid = g_lcore_index[index]; assert(*cid >=0 && *cid < DPVS_MAX_LCORE); *new_opt = SOCKOPT_GET_LADDR_GETALL; + return 0; } static int laddr_sockopt_get(sockoptid_t opt, const void *conf, size_t size, @@ -579,7 +585,9 @@ static int laddr_sockopt_get(sockoptid_t opt, const void *conf, size_t size, lcoreid_t cid; netif_get_slave_lcores(&num_lcores, NULL); - opt2cpu(opt, &new_opt, &cid); + if (opt2cpu(opt, &new_opt, &cid) < 0) { + return EDPVS_INVAL; + } if (new_opt > SOCKOPT_GET_LADDR_GETALL) return EDPVS_INVAL; diff --git a/src/ipvs/ip_vs_proto_tcp.c b/src/ipvs/ip_vs_proto_tcp.c index e4cc12262..edd9d9857 100644 --- a/src/ipvs/ip_vs_proto_tcp.c +++ b/src/ipvs/ip_vs_proto_tcp.c @@ -590,7 +590,7 @@ static int tcp_conn_sched(struct dp_vs_proto *proto, /* Drop tcp packet which is send to vip and !vport */ if (g_defence_tcp_drop && - (svc = dp_vs_lookup_vip(iph->af, iph->proto, + (svc = dp_vs_vip_lookup(iph->af, iph->proto, &iph->daddr, rte_lcore_id()))) { dp_vs_estats_inc(DEFENCE_TCP_DROP); *verdict = INET_DROP; @@ -601,12 +601,12 @@ static int tcp_conn_sched(struct dp_vs_proto *proto, return EDPVS_INVAL; } - svc = dp_vs_service_lookup(iph->af, iph->proto, &iph->daddr, th->dest, + svc = dp_vs_service_lookup(iph->af, iph->proto, &iph->daddr, th->dest, 0, mbuf, NULL, &outwall, rte_lcore_id()); if (!svc) { /* Drop tcp packet which is send to vip and !vport */ if (g_defence_tcp_drop && - (svc = dp_vs_lookup_vip(iph->af, iph->proto, + (svc = dp_vs_vip_lookup(iph->af, iph->proto, &iph->daddr, rte_lcore_id()))) { dp_vs_estats_inc(DEFENCE_TCP_DROP); *verdict = INET_DROP; @@ -638,7 +638,8 @@ tcp_conn_lookup(struct dp_vs_proto *proto, const struct dp_vs_iphdr *iph, if (unlikely(!th)) return NULL; - if (dp_vs_blklst_lookup(iph->proto, &iph->daddr, th->dest, &iph->saddr)) { + if (dp_vs_blklst_lookup(iph->af, iph->proto, &iph->daddr, + th->dest, &iph->saddr)) { *drop = true; return NULL; } diff --git a/src/ipvs/ip_vs_proto_udp.c b/src/ipvs/ip_vs_proto_udp.c index 0c5f3e213..9217e134f 100644 --- a/src/ipvs/ip_vs_proto_udp.c +++ b/src/ipvs/ip_vs_proto_udp.c @@ -206,8 +206,8 @@ udp_conn_lookup(struct dp_vs_proto *proto, if (unlikely(!uh)) return NULL; - if (dp_vs_blklst_lookup(iph->proto, &iph->daddr, uh->dst_port, - &iph->saddr)) { + if (dp_vs_blklst_lookup(iph->af, iph->proto, &iph->daddr, + uh->dst_port, &iph->saddr)) { *drop = true; return NULL; } diff --git a/src/ipvs/ip_vs_service.c b/src/ipvs/ip_vs_service.c index c133ce85d..2357978cd 100644 --- a/src/ipvs/ip_vs_service.c +++ b/src/ipvs/ip_vs_service.c @@ -16,7 +16,7 @@ * */ /* - * svc will not be changed during svc get(svc is per core); + * svc will not be changed during svc get(svc is per core); * but conn will hold dest and dest will hold svc. so we need refcnt */ #include @@ -52,7 +52,7 @@ static struct list_head dp_vs_svc_fwm_table[DPVS_MAX_LCORE][DP_VS_SVC_TAB_SIZE]; static struct list_head dp_vs_svc_match_list[DPVS_MAX_LCORE]; -static inline int dp_vs_svc_hashkey(int af, unsigned proto, const union inet_addr *addr) +static inline int dp_vs_service_hashkey(int af, unsigned proto, const union inet_addr *addr) { uint32_t addr_fold; @@ -66,12 +66,12 @@ static inline int dp_vs_svc_hashkey(int af, unsigned proto, const union inet_add return (proto ^ rte_be_to_cpu_32(addr_fold)) & DP_VS_SVC_TAB_MASK; } -static inline unsigned dp_vs_svc_fwm_hashkey(uint32_t fwmark) +static inline unsigned dp_vs_service_fwm_hashkey(uint32_t fwmark) { return fwmark & DP_VS_SVC_TAB_MASK; } -static int dp_vs_svc_hash(struct dp_vs_service *svc, lcoreid_t cid) +static int dp_vs_service_hash(struct dp_vs_service *svc, lcoreid_t cid) { int hash; @@ -81,7 +81,7 @@ static int dp_vs_svc_hash(struct dp_vs_service *svc, lcoreid_t cid) } if (svc->fwmark) { - hash = dp_vs_svc_fwm_hashkey(svc->fwmark); + hash = dp_vs_service_fwm_hashkey(svc->fwmark); list_add(&svc->f_list, &dp_vs_svc_fwm_table[cid][hash]); } else if (svc->match) { list_add(&svc->m_list, &dp_vs_svc_match_list[cid]); @@ -89,7 +89,7 @@ static int dp_vs_svc_hash(struct dp_vs_service *svc, lcoreid_t cid) /* * Hash it by in dp_vs_svc_table */ - hash = dp_vs_svc_hashkey(svc->af, svc->proto, &svc->addr); + hash = dp_vs_service_hashkey(svc->af, svc->proto, &svc->addr); if (hash < 0) return EDPVS_INVAL; @@ -100,7 +100,7 @@ static int dp_vs_svc_hash(struct dp_vs_service *svc, lcoreid_t cid) return EDPVS_OK; } -static int dp_vs_svc_unhash(struct dp_vs_service *svc) +static int dp_vs_service_unhash(struct dp_vs_service *svc) { if (!(svc->flags & DP_VS_SVC_F_HASHED)) { RTE_LOG(DEBUG, SERVICE, "%s: request for unhashed flag.\n", __func__); @@ -125,7 +125,7 @@ static struct dp_vs_service *__dp_vs_service_get(int af, uint16_t protocol, int hash; struct dp_vs_service *svc; - hash = dp_vs_svc_hashkey(af, protocol, vaddr); + hash = dp_vs_service_hashkey(af, protocol, vaddr); if (hash < 0) return NULL; list_for_each_entry(svc, &dp_vs_svc_table[cid][hash], s_list){ @@ -140,13 +140,13 @@ static struct dp_vs_service *__dp_vs_service_get(int af, uint16_t protocol, return NULL; } -static struct dp_vs_service *__dp_vs_svc_fwm_get(int af, uint32_t fwmark, lcoreid_t cid) +static struct dp_vs_service *__dp_vs_service_fwm_get(int af, uint32_t fwmark, lcoreid_t cid) { unsigned hash; struct dp_vs_service *svc; /* Check for fwmark addressed entries */ - hash = dp_vs_svc_fwm_hashkey(fwmark); + hash = dp_vs_service_fwm_hashkey(fwmark); list_for_each_entry(svc, &dp_vs_svc_fwm_table[cid][hash], f_list) { if (svc->fwmark == fwmark && svc->af == af) { @@ -158,7 +158,7 @@ static struct dp_vs_service *__dp_vs_svc_fwm_get(int af, uint32_t fwmark, lcorei return NULL; } -static inline bool __svc_in_range(int af, +static inline bool __service_in_range(int af, const union inet_addr *addr, __be16 port, const struct inet_addr_range *range) { @@ -196,7 +196,7 @@ static inline bool __svc_in_range(int af, } static struct dp_vs_service * -__dp_vs_svc_match_get4(const struct rte_mbuf *mbuf, bool *outwall, lcoreid_t cid) +__dp_vs_service_match_get4(const struct rte_mbuf *mbuf, bool *outwall, lcoreid_t cid) { struct route_entry *rt = mbuf->userdata; struct ipv4_hdr *iph = ip4_hdr(mbuf); /* ipv4 only */ @@ -220,8 +220,8 @@ __dp_vs_svc_match_get4(const struct rte_mbuf *mbuf, bool *outwall, lcoreid_t cid } else if (outwall != NULL && (NULL != ipset_addr_lookup(AF_INET, &daddr)) && (rt = route_gfw_net_lookup(&daddr.in))) { char dst[64]; - RTE_LOG(DEBUG, IPSET, "%s: IP %s is in the gfwip set, found route in the outwall table.\n", __func__, - inet_ntop(AF_INET, &daddr, dst, sizeof(dst))? dst: ""); + RTE_LOG(DEBUG, IPSET, "%s: IP %s is in the gfwip set, found route in the outwall table.\n", __func__, + inet_ntop(AF_INET, &daddr, dst, sizeof(dst))? dst: ""); oif = rt->port->id; route4_put(rt); *outwall = true; @@ -251,8 +251,8 @@ __dp_vs_svc_match_get4(const struct rte_mbuf *mbuf, bool *outwall, lcoreid_t cid odev = netif_port_get_by_name(m->oifname); if (svc->af == AF_INET && svc->proto == iph->next_proto_id && - __svc_in_range(AF_INET, &saddr, ports[0], &m->srange) && - __svc_in_range(AF_INET, &daddr, ports[1], &m->drange) && + __service_in_range(AF_INET, &saddr, ports[0], &m->srange) && + __service_in_range(AF_INET, &daddr, ports[1], &m->drange) && (!idev || idev->id == mbuf->port) && (!odev || odev->id == oif) ) { @@ -264,7 +264,7 @@ __dp_vs_svc_match_get4(const struct rte_mbuf *mbuf, bool *outwall, lcoreid_t cid } static struct dp_vs_service * -__dp_vs_svc_match_get6(const struct rte_mbuf *mbuf, lcoreid_t cid) +__dp_vs_service_match_get6(const struct rte_mbuf *mbuf, lcoreid_t cid) { struct route6 *rt = mbuf->userdata; struct ip6_hdr *iph = ip6_hdr(mbuf); @@ -322,8 +322,8 @@ __dp_vs_svc_match_get6(const struct rte_mbuf *mbuf, lcoreid_t cid) ip6_skip_exthdr(mbuf, sizeof(struct ip6_hdr), &ip6nxt); if (svc->af == AF_INET6 && svc->proto == ip6nxt && - __svc_in_range(AF_INET6, &saddr, ports[0], &m->srange) && - __svc_in_range(AF_INET6, &daddr, ports[1], &m->drange) && + __service_in_range(AF_INET6, &saddr, ports[0], &m->srange) && + __service_in_range(AF_INET6, &daddr, ports[1], &m->drange) && (!idev || idev->id == mbuf->port) && (!odev || odev->id == oif) ) { @@ -335,12 +335,12 @@ __dp_vs_svc_match_get6(const struct rte_mbuf *mbuf, lcoreid_t cid) } static struct dp_vs_service * -__dp_vs_svc_match_get(int af, const struct rte_mbuf *mbuf, bool *outwall, lcoreid_t cid) +__dp_vs_service_match_get(int af, const struct rte_mbuf *mbuf, bool *outwall, lcoreid_t cid) { if (af == AF_INET) - return __dp_vs_svc_match_get4(mbuf, outwall, cid); + return __dp_vs_service_match_get4(mbuf, outwall, cid); else if (af == AF_INET6) - return __dp_vs_svc_match_get6(mbuf, cid); + return __dp_vs_service_match_get6(mbuf, cid); else return NULL; } @@ -379,7 +379,7 @@ int dp_vs_match_parse(const char *srange, const char *drange, } static struct dp_vs_service * -__dp_vs_svc_match_find(int af, uint8_t proto, const struct dp_vs_match *match, +__dp_vs_service_match_find(int af, uint8_t proto, const struct dp_vs_match *match, lcoreid_t cid) { struct dp_vs_service *svc; @@ -408,18 +408,18 @@ struct dp_vs_service *dp_vs_service_lookup(int af, uint16_t protocol, { struct dp_vs_service *svc = NULL; - if (fwmark && (svc = __dp_vs_svc_fwm_get(af, fwmark, cid))) + if (fwmark && (svc = __dp_vs_service_fwm_get(af, fwmark, cid))) goto out; if ((svc = __dp_vs_service_get(af, protocol, vaddr, vport, cid))) goto out; if (match && !is_empty_match(match)) - if ((svc = __dp_vs_svc_match_find(af, protocol, match, cid))) + if ((svc = __dp_vs_service_match_find(af, protocol, match, cid))) goto out; if (mbuf) /* lowest priority */ - svc = __dp_vs_svc_match_get(af, mbuf, outwall, cid); + svc = __dp_vs_service_match_get(af, mbuf, outwall, cid); out: #ifdef CONFIG_DPVS_MBUF_DEBUG @@ -429,15 +429,14 @@ struct dp_vs_service *dp_vs_service_lookup(int af, uint16_t protocol, return svc; } - -struct dp_vs_service *dp_vs_lookup_vip(int af, uint16_t protocol, +struct dp_vs_service *dp_vs_vip_lookup(int af, uint16_t protocol, const union inet_addr *vaddr, lcoreid_t cid) { struct dp_vs_service *svc; int hash; - hash = dp_vs_svc_hashkey(af, protocol, vaddr); + hash = dp_vs_service_hashkey(af, protocol, vaddr); if (hash < 0) return NULL; list_for_each_entry(svc, &dp_vs_svc_table[cid][hash], s_list) { @@ -453,13 +452,13 @@ struct dp_vs_service *dp_vs_lookup_vip(int af, uint16_t protocol, } void -dp_vs_bind_svc(struct dp_vs_dest *dest, struct dp_vs_service *svc) +dp_vs_service_bind(struct dp_vs_dest *dest, struct dp_vs_service *svc) { rte_atomic32_inc(&svc->refcnt); dest->svc = svc; } -void dp_vs_svc_put(struct dp_vs_service *svc) +void dp_vs_service_put(struct dp_vs_service *svc) { if (!svc) return; @@ -469,18 +468,18 @@ void dp_vs_svc_put(struct dp_vs_service *svc) rte_free(svc->match); rte_free(svc); RTE_LOG(DEBUG, SERVICE, "%s: delete svc.\n", __func__); - } + } } -void dp_vs_unbind_svc(struct dp_vs_dest *dest) +void dp_vs_service_unbind(struct dp_vs_dest *dest) { if (!dest->svc) return; - dp_vs_svc_put(dest->svc); + dp_vs_service_put(dest->svc); dest->svc = NULL; } -static int dp_vs_add_service(struct dp_vs_service_conf *u, +static int dp_vs_service_add(struct dp_vs_service_conf *u, struct dp_vs_service **svc_p, lcoreid_t cid) { @@ -543,7 +542,7 @@ static int dp_vs_add_service(struct dp_vs_service_conf *u, rte_atomic16_inc(&dp_vs_num_services[cid]); - ret = dp_vs_svc_hash(svc, cid); + ret = dp_vs_service_hash(svc, cid); if (ret != EDPVS_OK) return ret; rte_atomic32_set(&svc->refcnt, 1); @@ -562,7 +561,7 @@ static int dp_vs_add_service(struct dp_vs_service_conf *u, return ret; } -static int dp_vs_edit_service(struct dp_vs_service *svc, struct dp_vs_service_conf *u) +static int dp_vs_service_edit(struct dp_vs_service *svc, struct dp_vs_service_conf *u) { struct dp_vs_scheduler *sched, *old_sched; int ret = 0; @@ -626,7 +625,7 @@ static int dp_vs_edit_service(struct dp_vs_service *svc, struct dp_vs_service_co return ret; } -static void __dp_vs_del_service(struct dp_vs_service *svc) +static void __dp_vs_service_del(struct dp_vs_service *svc) { struct dp_vs_dest *dest, *nxt; @@ -644,17 +643,17 @@ static void __dp_vs_del_service(struct dp_vs_service *svc) * Unlink the whole destination list */ list_for_each_entry_safe(dest, nxt, &svc->dests, n_list) { - dp_vs_unlink_dest(svc, dest, 0); + dp_vs_dest_unlink(svc, dest, 0); dp_vs_dest_put(dest); } /* * Free the service if nobody refers to it */ - dp_vs_svc_put(svc); + dp_vs_service_put(svc); } -static int dp_vs_del_service(struct dp_vs_service *svc) +static int dp_vs_service_del(struct dp_vs_service *svc) { if (svc == NULL) return EDPVS_NOTEXIST; @@ -662,18 +661,18 @@ static int dp_vs_del_service(struct dp_vs_service *svc) /* * Unhash it from the service table */ - dp_vs_svc_unhash(svc); + dp_vs_service_unhash(svc); /* * Wait until all the svc users go away. */ - __dp_vs_del_service(svc); + __dp_vs_service_del(svc); return EDPVS_OK; } static int -dp_vs_copy_service(struct dp_vs_service_entry *dst, struct dp_vs_service *src) +dp_vs_service_copy(struct dp_vs_service_entry *dst, struct dp_vs_service *src) { int err = 0; struct dp_vs_match *m; @@ -694,7 +693,7 @@ dp_vs_copy_service(struct dp_vs_service_entry *dst, struct dp_vs_service *src) dst->num_laddrs = src->num_laddrs; dst->cid = rte_lcore_id(); - err = dp_vs_add_stats(&dst->stats, &src->stats); + err = dp_vs_stats_add(&dst->stats, &src->stats); m = src->match; if (!m) @@ -709,7 +708,7 @@ dp_vs_copy_service(struct dp_vs_service_entry *dst, struct dp_vs_service *src) return err; } -static int dp_vs_get_service_entries(int num_services, +static int dp_vs_service_get_entries(int num_services, struct dp_vs_get_services *uptr, lcoreid_t cid) { @@ -723,7 +722,7 @@ static int dp_vs_get_service_entries(int num_services, list_for_each_entry(svc, &dp_vs_svc_table[cid][idx], s_list){ if (count >= num_services) goto out; - ret = dp_vs_copy_service(&uptr->entrytable[count], svc); + ret = dp_vs_service_copy(&uptr->entrytable[count], svc); if (ret != EDPVS_OK) goto out; count++; @@ -734,7 +733,7 @@ static int dp_vs_get_service_entries(int num_services, list_for_each_entry(svc, &dp_vs_svc_fwm_table[cid][idx], f_list) { if (count >= num_services) goto out; - ret = dp_vs_copy_service(&uptr->entrytable[count], svc); + ret = dp_vs_service_copy(&uptr->entrytable[count], svc); if (ret != EDPVS_OK) goto out; count++; @@ -744,7 +743,7 @@ static int dp_vs_get_service_entries(int num_services, list_for_each_entry(svc, &dp_vs_svc_match_list[cid], m_list) { if (count >= num_services) goto out; - ret = dp_vs_copy_service(&uptr->entrytable[count], svc); + ret = dp_vs_service_copy(&uptr->entrytable[count], svc); if (ret != EDPVS_OK) goto out; count++; @@ -767,7 +766,7 @@ unsigned dp_vs_get_conn_timeout(struct dp_vs_conn *conn) return 90; } -static int dp_vs_flush(lcoreid_t cid) +static int dp_vs_services_flush(lcoreid_t cid) { int idx; struct dp_vs_service *svc, *nxt; @@ -778,7 +777,7 @@ static int dp_vs_flush(lcoreid_t cid) for (idx = 0; idx < DP_VS_SVC_TAB_SIZE; idx++) { list_for_each_entry_safe(svc, nxt, &dp_vs_svc_table[cid][idx], s_list) { - dp_vs_del_service(svc); + dp_vs_service_del(svc); } } @@ -788,19 +787,19 @@ static int dp_vs_flush(lcoreid_t cid) for (idx = 0; idx < DP_VS_SVC_TAB_SIZE; idx++) { list_for_each_entry_safe(svc, nxt, &dp_vs_svc_fwm_table[cid][idx], f_list) { - dp_vs_del_service(svc); + dp_vs_service_del(svc); } } list_for_each_entry_safe(svc, nxt, &dp_vs_svc_match_list[cid], m_list) { - dp_vs_del_service(svc); + dp_vs_service_del(svc); } return EDPVS_OK; } -static int dp_vs_zero_service(struct dp_vs_service *svc) +static int dp_vs_service_zero(struct dp_vs_service *svc) { struct dp_vs_dest *dest; @@ -811,25 +810,25 @@ static int dp_vs_zero_service(struct dp_vs_service *svc) return EDPVS_OK; } -static int dp_vs_zero_all(lcoreid_t cid) +static int dp_vs_services_zero(lcoreid_t cid) { int idx; struct dp_vs_service *svc; for (idx = 0; idx < DP_VS_SVC_TAB_SIZE; idx++) { list_for_each_entry(svc, &dp_vs_svc_table[cid][idx], s_list) { - dp_vs_zero_service(svc); + dp_vs_service_zero(svc); } } for (idx = 0; idx < DP_VS_SVC_TAB_SIZE; idx++) { list_for_each_entry(svc, &dp_vs_svc_fwm_table[cid][idx], f_list) { - dp_vs_zero_service(svc); + dp_vs_service_zero(svc); } } list_for_each_entry(svc, &dp_vs_svc_match_list[cid], m_list) { - dp_vs_zero_service(svc); + dp_vs_service_zero(svc); } dp_vs_estats_clear(); @@ -860,7 +859,7 @@ static int dp_vs_copy_usvc_compat(struct dp_vs_service_conf *conf, if (user->flags & DP_VS_SVC_F_MATCH) { err = dp_vs_match_parse(user->srange, user->drange, - user->iifname, user->oifname, + user->iifname, user->oifname, user->af, &conf->match); if (err != EDPVS_OK) return err; @@ -911,7 +910,7 @@ static int svc_msg_seq(void) return seq++; } -static int dp_vs_set_svc(sockoptid_t opt, const void *user, size_t len) +static int dp_vs_service_set(sockoptid_t opt, const void *user, size_t len) { int ret; unsigned char arg[MAX_ARG_LEN]; @@ -927,7 +926,7 @@ static int dp_vs_set_svc(sockoptid_t opt, const void *user, size_t len) vip = (struct in_addr *)user; return gratuitous_arp_send_vip(vip); } - + // send to slave core if (cid == rte_get_master_lcore()) { struct dpvs_msg *msg; @@ -944,7 +943,7 @@ static int dp_vs_set_svc(sockoptid_t opt, const void *user, size_t len) } if (opt == DPVS_SO_SET_FLUSH) - return dp_vs_flush(cid); + return dp_vs_services_flush(cid); memcpy(arg, user, len); usvc_compat = (struct dp_vs_service_user *)arg; @@ -960,7 +959,7 @@ static int dp_vs_set_svc(sockoptid_t opt, const void *user, size_t len) !usvc.fwmark && !usvc.port && is_empty_match(&usvc.match) ) { - return dp_vs_zero_all(cid); + return dp_vs_services_zero(cid); } } @@ -974,9 +973,9 @@ static int dp_vs_set_svc(sockoptid_t opt, const void *user, size_t len) svc = __dp_vs_service_get(usvc.af, usvc.protocol, &usvc.addr, usvc.port, cid); else if (usvc.fwmark) - svc = __dp_vs_svc_fwm_get(usvc.af, usvc.fwmark, cid); + svc = __dp_vs_service_fwm_get(usvc.af, usvc.fwmark, cid); else if (!is_empty_match(&usvc.match)) - svc = __dp_vs_svc_match_find(usvc.af, usvc.protocol, &usvc.match, cid); + svc = __dp_vs_service_match_find(usvc.af, usvc.protocol, &usvc.match, cid); else { RTE_LOG(ERR, SERVICE, "%s: empty service.\n", __func__); return EDPVS_INVAL; @@ -992,28 +991,28 @@ static int dp_vs_set_svc(sockoptid_t opt, const void *user, size_t len) if(svc != NULL) ret = EDPVS_EXIST; else - ret = dp_vs_add_service(&usvc, &svc, cid); + ret = dp_vs_service_add(&usvc, &svc, cid); break; case DPVS_SO_SET_EDIT: - ret = dp_vs_edit_service(svc, &usvc); + ret = dp_vs_service_edit(svc, &usvc); break; case DPVS_SO_SET_DEL: - ret = dp_vs_del_service(svc); + ret = dp_vs_service_del(svc); break; case DPVS_SO_SET_ZERO: - ret = dp_vs_zero_service(svc); + ret = dp_vs_service_zero(svc); break; case DPVS_SO_SET_ADDDEST: dp_vs_copy_udest_compat(&udest, udest_compat); - ret = dp_vs_add_dest(svc, &udest); + ret = dp_vs_dest_add(svc, &udest); break; case DPVS_SO_SET_EDITDEST: dp_vs_copy_udest_compat(&udest, udest_compat); - ret = dp_vs_edit_dest(svc, &udest); + ret = dp_vs_dest_edit(svc, &udest); break; case DPVS_SO_SET_DELDEST: dp_vs_copy_udest_compat(&udest, udest_compat); - ret = dp_vs_del_dest(svc, &udest); + ret = dp_vs_dest_del(svc, &udest); break; default: ret = EDPVS_INVAL; @@ -1023,35 +1022,38 @@ static int dp_vs_set_svc(sockoptid_t opt, const void *user, size_t len) } /* - * for example : SOCKOPT_SVC_BASE is 200, SOCKOPT_SVC_GET_CMD_MAX is 204, - * old_opt 205 means core 1 get opt 200 + * for example : SOCKOPT_SVC_BASE is 200, SOCKOPT_SVC_GET_CMD_MAX is 204, + * old_opt 205 means core 1 get opt 200 */ -static inline void opt2cpu(sockoptid_t old_opt, sockoptid_t *new_opt, lcoreid_t *cid) +static inline int opt2cpu(sockoptid_t old_opt, sockoptid_t *new_opt, lcoreid_t *cid) { assert(old_opt >= SOCKOPT_SVC_BASE); assert(old_opt <= SOCKOPT_SVC_MAX); - + int index = (old_opt - SOCKOPT_SVC_BASE)/(SOCKOPT_SVC_GET_CMD_MAX - SOCKOPT_SVC_BASE + 1); + if (index >= g_lcore_num) { + return -1; + } *new_opt = (old_opt - SOCKOPT_SVC_BASE)%(SOCKOPT_SVC_GET_CMD_MAX - SOCKOPT_SVC_BASE + 1) + SOCKOPT_SVC_BASE; - *cid = g_lcore_index[(old_opt - SOCKOPT_SVC_BASE)/(SOCKOPT_SVC_GET_CMD_MAX - SOCKOPT_SVC_BASE + 1)]; + *cid = g_lcore_index[index]; assert(*cid >= 0 && *cid < DPVS_MAX_LCORE); + return 0; } /* copy service/dest/stats */ -static int dp_vs_copy_percore_svcs_stats(struct dp_vs_get_services *master_svcs, - struct dp_vs_get_services *slave_svcs) +static int dp_vs_services_copy_percore_stats(struct dp_vs_get_services *master_svcs, + struct dp_vs_get_services *slave_svcs) { int i; if (master_svcs->num_services != slave_svcs->num_services) return EDPVS_INVAL; - for (i = 0; i < master_svcs->num_services; i++) - dp_vs_add_stats(&master_svcs->entrytable[i].stats, &slave_svcs->entrytable[i].stats); - + for (i = 0; i < master_svcs->num_services; i++) + dp_vs_stats_add(&master_svcs->entrytable[i].stats, &slave_svcs->entrytable[i].stats); return EDPVS_OK; } //dest should not be changed during get msg -static int dp_vs_copy_percore_dests_stats(struct dp_vs_get_dests *master_dests, +static int dp_vs_dests_copy_percore_stats(struct dp_vs_get_dests *master_dests, struct dp_vs_get_dests *slave_dests) { int i; @@ -1061,20 +1063,20 @@ static int dp_vs_copy_percore_dests_stats(struct dp_vs_get_dests *master_dests, master_dests->entrytable[i].actconns += slave_dests->entrytable[i].actconns; master_dests->entrytable[i].inactconns += slave_dests->entrytable[i].inactconns; master_dests->entrytable[i].persistconns += slave_dests->entrytable[i].persistconns; - dp_vs_add_stats(&master_dests->entrytable[i].stats, &slave_dests->entrytable[i].stats); + dp_vs_stats_add(&master_dests->entrytable[i].stats, &slave_dests->entrytable[i].stats); } return EDPVS_OK; } -static int dp_vs_get_services_uc_cb(struct dpvs_msg *msg) +static int dp_vs_services_get_uc_cb(struct dpvs_msg *msg) { lcoreid_t cid = rte_lcore_id(); size_t size; struct dp_vs_get_services *get, *output; int ret; - /* service may be changed */ + /* service may be changed */ get = (struct dp_vs_get_services *)msg->data; if (get->num_services != rte_atomic16_read(&dp_vs_num_services[cid])) { RTE_LOG(ERR, SERVICE, "%s: svc number %d not match %d in cid=%d.\n", @@ -1086,7 +1088,7 @@ static int dp_vs_get_services_uc_cb(struct dpvs_msg *msg) output = msg_reply_alloc(size); if (output == NULL) return EDPVS_NOMEM; - ret = dp_vs_get_service_entries(get->num_services, output, cid); + ret = dp_vs_service_get_entries(get->num_services, output, cid); if (ret != EDPVS_OK) { msg_reply_free(output); return ret; @@ -1097,14 +1099,14 @@ static int dp_vs_get_services_uc_cb(struct dpvs_msg *msg) } static struct dp_vs_service * -dp_vs_get_service_lcore(const struct dp_vs_service_entry *entry, +dp_vs_service_get_lcore(const struct dp_vs_service_entry *entry, lcoreid_t cid) { struct dp_vs_service *svc = NULL; int ret; if(entry->fwmark) - svc = __dp_vs_svc_fwm_get(AF_INET, entry->fwmark, cid); + svc = __dp_vs_service_fwm_get(AF_INET, entry->fwmark, cid); else if (!inet_is_addr_any(entry->af, &entry->addr) || entry->port) svc = __dp_vs_service_get(entry->af, entry->proto, &entry->addr, entry->port, cid); @@ -1118,7 +1120,7 @@ dp_vs_get_service_lcore(const struct dp_vs_service_entry *entry, return NULL; if (!is_empty_match(&match)) { - svc = __dp_vs_svc_match_find(match.af, entry->proto, + svc = __dp_vs_service_match_find(match.af, entry->proto, &match, cid); } } @@ -1126,7 +1128,7 @@ dp_vs_get_service_lcore(const struct dp_vs_service_entry *entry, return svc; } -static int dp_vs_get_service_uc_cb(struct dpvs_msg *msg) +static int dp_vs_service_get_uc_cb(struct dpvs_msg *msg) { lcoreid_t cid = rte_lcore_id(); struct dp_vs_service_entry *entry; @@ -1134,16 +1136,16 @@ static int dp_vs_get_service_uc_cb(struct dpvs_msg *msg) int ret, size; entry = (struct dp_vs_service_entry *)msg->data; - svc = dp_vs_get_service_lcore(entry, cid); + svc = dp_vs_service_get_lcore(entry, cid); if (!svc) return EDPVS_NOTEXIST; - size = sizeof(struct dp_vs_service_entry); + size = sizeof(struct dp_vs_service_entry); entry = msg_reply_alloc(size); if (entry == NULL) return EDPVS_NOMEM; - ret = dp_vs_copy_service(entry, svc); + ret = dp_vs_service_copy(entry, svc); if (ret != EDPVS_OK) { msg_reply_free(entry); return ret; @@ -1153,7 +1155,7 @@ static int dp_vs_get_service_uc_cb(struct dpvs_msg *msg) return EDPVS_OK; } -static int dp_vs_get_dests_uc_cb(struct dpvs_msg *msg) +static int dp_vs_dests_get_uc_cb(struct dpvs_msg *msg) { lcoreid_t cid = rte_lcore_id(); int ret; @@ -1174,7 +1176,7 @@ static int dp_vs_get_dests_uc_cb(struct dpvs_msg *msg) rte_memcpy(entry.iifname, get->iifname, sizeof(get->iifname)); rte_memcpy(entry.oifname, get->oifname, sizeof(get->oifname)); - svc = dp_vs_get_service_lcore(&entry, cid); + svc = dp_vs_service_get_lcore(&entry, cid); if (!svc) return EDPVS_NOTEXIST; if (svc->num_dests != get->num_dests) { @@ -1187,7 +1189,7 @@ static int dp_vs_get_dests_uc_cb(struct dpvs_msg *msg) if (output == NULL) return EDPVS_NOMEM; rte_memcpy(output, get, sizeof(*get)); - ret = dp_vs_get_dest_entries(svc, output); + ret = dp_vs_dest_get_entries(svc, output); if (ret != EDPVS_OK) { msg_reply_free(output); return ret; @@ -1198,7 +1200,7 @@ static int dp_vs_get_dests_uc_cb(struct dpvs_msg *msg) return EDPVS_OK; } -static int dp_vs_get_svc(sockoptid_t opt, const void *user, size_t len, void **out, size_t *outlen) +static int dp_vs_service_get(sockoptid_t opt, const void *user, size_t len, void **out, size_t *outlen) { int ret = 0; uint8_t num_lcores = 0; @@ -1206,9 +1208,11 @@ static int dp_vs_get_svc(sockoptid_t opt, const void *user, size_t len, void **o sockoptid_t new_opt; netif_get_slave_lcores(&num_lcores, NULL); - opt2cpu(opt, &new_opt, &cid); + if (opt2cpu(opt, &new_opt, &cid) < 0) { + return EDPVS_INVAL; + } if (new_opt > SOCKOPT_SVC_MAX) - return EDPVS_INVAL; + return EDPVS_INVAL; switch (new_opt){ case DPVS_SO_GET_VERSION: @@ -1271,7 +1275,7 @@ static int dp_vs_get_svc(sockoptid_t opt, const void *user, size_t len, void **o return EDPVS_NOMEM; } rte_memcpy(output, get, sizeof(*get)); - ret = dp_vs_get_service_entries(get->num_services, output, cid); + ret = dp_vs_service_get_entries(get->num_services, output, cid); if (ret != EDPVS_OK) { msg_destroy(&msg); rte_free(output); @@ -1279,11 +1283,11 @@ static int dp_vs_get_svc(sockoptid_t opt, const void *user, size_t len, void **o } list_for_each_entry(cur, &reply->mq, mq_node) { get_msg = (struct dp_vs_get_services *)(cur->data); - ret = dp_vs_copy_percore_svcs_stats(output, get_msg); + ret = dp_vs_services_copy_percore_stats(output, get_msg); if (ret != EDPVS_OK) { msg_destroy(&msg); rte_free(output); - return ret; + return ret; } } *out = output; @@ -1331,10 +1335,10 @@ static int dp_vs_get_svc(sockoptid_t opt, const void *user, size_t len, void **o msg_destroy(&msg); RTE_LOG(ERR, SERVICE, "%s: send message fail.\n", __func__); return EDPVS_MSG_FAIL; - } + } if (cid == rte_get_master_lcore()) { - svc = dp_vs_get_service_lcore(entry, cid); + svc = dp_vs_service_get_lcore(entry, cid); if (!svc) { msg_destroy(&msg); return EDPVS_NOTEXIST; @@ -1347,7 +1351,7 @@ static int dp_vs_get_svc(sockoptid_t opt, const void *user, size_t len, void **o return EDPVS_NOTEXIST; } memcpy(output, entry, sizeof(struct dp_vs_service_entry)); - ret = dp_vs_copy_service(output, svc); + ret = dp_vs_service_copy(output, svc); if (ret != EDPVS_OK) { msg_destroy(&msg); rte_free(output); @@ -1356,7 +1360,7 @@ static int dp_vs_get_svc(sockoptid_t opt, const void *user, size_t len, void **o list_for_each_entry(cur, &reply->mq, mq_node) { get_msg = (struct dp_vs_service_entry *)(cur->data); - ret = dp_vs_add_stats(&output->stats, &get_msg->stats); + ret = dp_vs_stats_add(&output->stats, &get_msg->stats); if (ret != EDPVS_OK) { msg_destroy(&msg); rte_free(output); @@ -1387,7 +1391,7 @@ static int dp_vs_get_svc(sockoptid_t opt, const void *user, size_t len, void **o RTE_LOG(ERR, SERVICE, "%s: find no service for cid=%d.\n", __func__, cid); msg_destroy(&msg); rte_free(output); - return EDPVS_NOTEXIST; + return EDPVS_NOTEXIST; } } case DPVS_SO_GET_DESTS: @@ -1420,16 +1424,16 @@ static int dp_vs_get_svc(sockoptid_t opt, const void *user, size_t len, void **o sizeof(struct dp_vs_get_dests), user); if (!msg) return EDPVS_NOMEM; - + ret = multicast_msg_send(msg, 0, &reply); if (ret != EDPVS_OK) { msg_destroy(&msg); RTE_LOG(ERR, SERVICE, "%s: send message fail.\n", __func__); return EDPVS_MSG_FAIL; } - + if (cid == rte_get_master_lcore()) { - svc = dp_vs_get_service_lcore(&entry, cid); + svc = dp_vs_service_get_lcore(&entry, cid); if (!svc) { msg_destroy(&msg); return EDPVS_NOTEXIST; @@ -1445,7 +1449,7 @@ static int dp_vs_get_svc(sockoptid_t opt, const void *user, size_t len, void **o return EDPVS_NOMEM; } rte_memcpy(output, get, sizeof(get)); - ret = dp_vs_get_dest_entries(svc, output); + ret = dp_vs_dest_get_entries(svc, output); if (ret != EDPVS_OK) { msg_destroy(&msg); rte_free(output); @@ -1454,7 +1458,7 @@ static int dp_vs_get_svc(sockoptid_t opt, const void *user, size_t len, void **o list_for_each_entry(cur, &reply->mq, mq_node) { get_msg = (struct dp_vs_get_dests *)(cur->data); - ret = dp_vs_copy_percore_dests_stats(output, get_msg); + ret = dp_vs_dests_copy_percore_stats(output, get_msg); if (ret != EDPVS_OK) { msg_destroy(&msg); rte_free(output); @@ -1496,51 +1500,50 @@ struct dpvs_sockopts sockopts_svc = { .version = SOCKOPT_VERSION, .set_opt_min = SOCKOPT_SVC_BASE, .set_opt_max = SOCKOPT_SVC_SET_CMD_MAX, - .set = dp_vs_set_svc, + .set = dp_vs_service_set, .get_opt_min = SOCKOPT_SVC_BASE, .get_opt_max = SOCKOPT_SVC_MAX, - .get = dp_vs_get_svc, + .get = dp_vs_service_get, }; static int flush_msg_cb(struct dpvs_msg *msg) { - - return dp_vs_set_svc(DPVS_SO_SET_FLUSH, msg->data, msg->len); + return dp_vs_service_set(DPVS_SO_SET_FLUSH, msg->data, msg->len); } static int zero_msg_cb(struct dpvs_msg *msg) { - return dp_vs_set_svc(DPVS_SO_SET_ZERO, msg->data, msg->len); + return dp_vs_service_set(DPVS_SO_SET_ZERO, msg->data, msg->len); } static int add_msg_cb(struct dpvs_msg *msg) { - return dp_vs_set_svc(DPVS_SO_SET_ADD, msg->data, msg->len); + return dp_vs_service_set(DPVS_SO_SET_ADD, msg->data, msg->len); } static int edit_msg_cb(struct dpvs_msg *msg) { - return dp_vs_set_svc(DPVS_SO_SET_EDIT, msg->data, msg->len); + return dp_vs_service_set(DPVS_SO_SET_EDIT, msg->data, msg->len); } static int del_msg_cb(struct dpvs_msg *msg) { - return dp_vs_set_svc(DPVS_SO_SET_DEL, msg->data, msg->len); + return dp_vs_service_set(DPVS_SO_SET_DEL, msg->data, msg->len); } static int adddest_msg_cb(struct dpvs_msg *msg) { - return dp_vs_set_svc(DPVS_SO_SET_ADDDEST, msg->data, msg->len); + return dp_vs_service_set(DPVS_SO_SET_ADDDEST, msg->data, msg->len); } static int editdest_msg_cb(struct dpvs_msg *msg) { - return dp_vs_set_svc(DPVS_SO_SET_EDITDEST, msg->data, msg->len); + return dp_vs_service_set(DPVS_SO_SET_EDITDEST, msg->data, msg->len); } static int deldest_msg_cb(struct dpvs_msg *msg) { - return dp_vs_set_svc(DPVS_SO_SET_DELDEST, msg->data, msg->len); + return dp_vs_service_set(DPVS_SO_SET_DELDEST, msg->data, msg->len); } int dp_vs_service_init(void) @@ -1604,7 +1607,7 @@ int dp_vs_service_init(void) err = msg_type_mc_register(&msg_type); if (err != EDPVS_OK) { RTE_LOG(ERR, SERVICE, "%s: fail to register msg.\n", __func__); - return err; + return err; } memset(&msg_type, 0, sizeof(struct dpvs_msg_type)); @@ -1660,7 +1663,7 @@ int dp_vs_service_init(void) msg_type.mode = DPVS_MSG_MULTICAST; msg_type.prio = MSG_PRIO_LOW; msg_type.cid = rte_lcore_id(); - msg_type.unicast_msg_cb = dp_vs_get_services_uc_cb; + msg_type.unicast_msg_cb = dp_vs_services_get_uc_cb; err = msg_type_mc_register(&msg_type); if (err != EDPVS_OK) { RTE_LOG(ERR, SERVICE, "%s: fail to register msg.\n", __func__); @@ -1672,7 +1675,7 @@ int dp_vs_service_init(void) msg_type.mode = DPVS_MSG_MULTICAST; msg_type.prio = MSG_PRIO_LOW; msg_type.cid = rte_lcore_id(); - msg_type.unicast_msg_cb = dp_vs_get_service_uc_cb; + msg_type.unicast_msg_cb = dp_vs_service_get_uc_cb; err = msg_type_mc_register(&msg_type); if (err != EDPVS_OK) { RTE_LOG(ERR, SERVICE, "%s: fail to register msg.\n", __func__); @@ -1684,7 +1687,7 @@ int dp_vs_service_init(void) msg_type.mode = DPVS_MSG_MULTICAST; msg_type.prio = MSG_PRIO_LOW; msg_type.cid = rte_lcore_id(); - msg_type.unicast_msg_cb = dp_vs_get_dests_uc_cb; + msg_type.unicast_msg_cb = dp_vs_dests_get_uc_cb; err = msg_type_mc_register(&msg_type); if (err != EDPVS_OK) { RTE_LOG(ERR, SERVICE, "%s: fail to register msg.\n", __func__); @@ -1698,7 +1701,7 @@ int dp_vs_service_term(void) { int cid; for (cid = 0; cid < DPVS_MAX_LCORE; cid++) { - dp_vs_flush(cid); + dp_vs_services_flush(cid); } dp_vs_dest_term(); return EDPVS_OK; diff --git a/src/ipvs/ip_vs_stats.c b/src/ipvs/ip_vs_stats.c index 664f27877..d385fb2b0 100644 --- a/src/ipvs/ip_vs_stats.c +++ b/src/ipvs/ip_vs_stats.c @@ -40,7 +40,7 @@ void dp_vs_stats_clear(struct dp_vs_stats *stats) stats->outbytes = 0; } -int dp_vs_add_stats(struct dp_vs_stats* dst, struct dp_vs_stats* src) +int dp_vs_stats_add(struct dp_vs_stats *dst, struct dp_vs_stats *src) { dst->conns += src->conns; dst->inpkts += src->inpkts; @@ -55,7 +55,7 @@ int dp_vs_stats_in(struct dp_vs_conn *conn, struct rte_mbuf *mbuf) assert(conn && mbuf); struct dp_vs_dest *dest = conn->dest; - if (dest && (dest->flags & DPVS_DEST_F_AVAILABLE)) { + if (dest && dp_vs_dest_is_avail(dest)) { /*limit rate*/ if ((dest->limit_proportion < 100) && (dest->limit_proportion > 0)) { @@ -82,7 +82,7 @@ int dp_vs_stats_out(struct dp_vs_conn *conn, struct rte_mbuf *mbuf) assert(conn && mbuf); struct dp_vs_dest *dest = conn->dest; - if (dest && (dest->flags & DPVS_DEST_F_AVAILABLE)) { + if (dest && dp_vs_dest_is_avail(dest)) { /*limit rate*/ if ((dest->limit_proportion < 100) && (dest->limit_proportion > 0)) { diff --git a/src/ipvs/ip_vs_synproxy.c b/src/ipvs/ip_vs_synproxy.c index 2fc967709..c479d16e5 100644 --- a/src/ipvs/ip_vs_synproxy.c +++ b/src/ipvs/ip_vs_synproxy.c @@ -700,7 +700,8 @@ int dp_vs_synproxy_syn_rcv(int af, struct rte_mbuf *mbuf, } /* drop packet from blacklist */ - if (dp_vs_blklst_lookup(iph->proto, &iph->daddr, th->dest, &iph->saddr)) { + if (dp_vs_blklst_lookup(iph->af, iph->proto, &iph->daddr, + th->dest, &iph->saddr)) { goto syn_rcv_out; } } else { diff --git a/src/log.c b/src/log.c index 71b5b7570..342bc21f2 100644 --- a/src/log.c +++ b/src/log.c @@ -117,7 +117,7 @@ static uint64_t log_get_time(char *time, int time_len) y004 = (ad - y400*YEAR400 - y100*YEAR100)/YEAR004; y001 = (ad - y400*YEAR400 - y100*YEAR100 - y004*YEAR004)/YEAR001; yy = y400*4*100 + y100*100 + y004*4 + y001*1 + YEARFIRST; - dd = (ad - y400*YEAR400 - y100*YEAR100 - y004*YEAR004)%YEAR001; + dd = (ad - y400*YEAR400 - y100*YEAR100 - y004*YEAR004)%YEAR001 + 1; if(0 == yy%1000) { @@ -131,9 +131,9 @@ static uint64_t log_get_time(char *time, int time_len) m[1] = 29; } } - for(i = 1; i <= 12; i++) + for(i = 0; i < 12; i++) { - if(dd - m[i] < 0) + if(dd - m[i] <= 0) { break; } else { @@ -141,7 +141,7 @@ static uint64_t log_get_time(char *time, int time_len) } } - mm = i; + mm = i + 1; hh = sec/(60*60)%24; mi = sec/60 - sec/(60*60)*60; ss = sec - sec/60*60; diff --git a/src/netif.c b/src/netif.c index a4ec6d752..6ad82a26e 100644 --- a/src/netif.c +++ b/src/netif.c @@ -1263,36 +1263,34 @@ static void netif_get_isol_rx_lcores(uint8_t *nb, uint64_t *mask) *mask = isol_lcore_mask; } -static void build_lcore_index(int lcore_max) +static void build_lcore_index(void) { - int idx = 0, ii; + int i, idx = 0; g_lcore_index[idx++] = rte_get_master_lcore(); - for (ii = 0; ii < lcore_max; ii++) - if (g_lcore_role[ii] == LCORE_ROLE_FWD_WORKER) - g_lcore_index[idx++] = ii; + for (i = 0; i < DPVS_MAX_LCORE; i++) + if (g_lcore_role[i] == LCORE_ROLE_FWD_WORKER) + g_lcore_index[idx++] = i; - for (ii = 0; ii < lcore_max; ii++) - if (g_lcore_role[ii] == LCORE_ROLE_ISOLRX_WORKER) - g_lcore_index[idx++] = ii; + for (i = 0; i < DPVS_MAX_LCORE; i++) + if (g_lcore_role[i] == LCORE_ROLE_ISOLRX_WORKER) + g_lcore_index[idx++] = i; + + g_lcore_num = idx; } static void lcore_role_init(void) { - int i, cid, lcore_max_count; + int i, cid; - lcore_max_count = rte_lcore_count(); - if (lcore_max_count > DPVS_MAX_LCORE) - lcore_max_count = DPVS_MAX_LCORE; - else - for (cid = lcore_max_count; cid < DPVS_MAX_LCORE; cid++) - g_lcore_role[cid] = LCORE_ROLE_MAX; // invalidate nonexistent lcores - for (cid = 0; cid < lcore_max_count; cid++) + for (cid = 0; cid < DPVS_MAX_LCORE; cid++) if (!rte_lcore_is_enabled(cid)) - g_lcore_role[cid] = LCORE_ROLE_MAX; // invalidate disabled lcores + /* invalidate the disabled cores */ + g_lcore_role[cid] = LCORE_ROLE_MAX; cid = rte_get_master_lcore(); + assert(g_lcore_role[cid] == LCORE_ROLE_IDLE); g_lcore_role[cid] = LCORE_ROLE_MASTER; @@ -1304,17 +1302,18 @@ static void lcore_role_init(void) i++; } - for (cid = 0; cid < lcore_max_count; cid++) { + for (cid = 0; cid < DPVS_MAX_LCORE; cid++) { if (!list_empty(&isol_rxq_tab[cid])) { assert(g_lcore_role[cid] == LCORE_ROLE_IDLE); g_lcore_role[cid] = LCORE_ROLE_ISOLRX_WORKER; } } - build_lcore_index(lcore_max_count); + build_lcore_index(); for (cid = 0; cid < DPVS_MAX_LCORE; cid++) - printf("[%02d]\t\t\t%s\n", cid, dpvs_lcore_role_str(g_lcore_role[cid])); + RTE_LOG(INFO, NETIF, "[%02d]: %s\n", + cid, dpvs_lcore_role_str(g_lcore_role[cid])); } static inline void netif_copy_lcore_stats(struct netif_lcore_stats *stats) diff --git a/src/sa_pool.c b/src/sa_pool.c index 618925ff6..bf9f5d5bb 100644 --- a/src/sa_pool.c +++ b/src/sa_pool.c @@ -624,7 +624,7 @@ static int sa4_fetch(struct netif_port *dev, fl.fl4_saddr.s_addr = saddr ? saddr->sin_addr.s_addr : htonl(INADDR_ANY); rt = route4_output(&fl); if (!rt) - return EDPVS_NOROUTE;; + return EDPVS_NOROUTE; /* select source address. */ if (!rt->src.s_addr) { @@ -700,7 +700,7 @@ static int sa6_fetch(struct netif_port *dev, fl6.fl6_saddr= saddr->sin6_addr; rt6 = route6_output(NULL, &fl6); if (!rt6) - return EDPVS_NOROUTE;; + return EDPVS_NOROUTE; /* select source address. */ if (ipv6_addr_any(&rt6->rt6_src.addr)) { diff --git a/src/scheduler.c b/src/scheduler.c index 3922f6bc6..e6eef12a3 100644 --- a/src/scheduler.c +++ b/src/scheduler.c @@ -32,21 +32,18 @@ struct dpvs_role_str { const char *dpvs_lcore_role_str(dpvs_lcore_role_t role) { - int i; - const static struct dpvs_role_str role_str_tab[] = { - { LCORE_ROLE_IDLE, "lcore_role_idle" }, - { LCORE_ROLE_MASTER, "lcore_role_master" }, - { LCORE_ROLE_FWD_WORKER, "lcore_role_fwd_worker"}, - { LCORE_ROLE_ISOLRX_WORKER, "lcore_role_isolrx_worker"}, - { LCORE_ROLE_MAX, "lcore_role_null"}, + static const char *role_str_tab[] = { + [LCORE_ROLE_IDLE] = "lcre_role_idle", + [LCORE_ROLE_MASTER] = "lcre_role_master", + [LCORE_ROLE_FWD_WORKER] = "lcre_role_fwd_worker", + [LCORE_ROLE_ISOLRX_WORKER] = "lcre_role_isolrx_worker", + [LCORE_ROLE_MAX] = "lcre_role_null" }; - for (i = 0; i < NELEMS(role_str_tab); i++) { - if (role == role_str_tab[i].role) - return role_str_tab[i].str; - } - - return "lcore_role_unkown"; + if (likely(role >= LCORE_ROLE_IDLE && role <= LCORE_ROLE_MAX)) + return role_str_tab[role]; + else + return "lcore_role_unknown"; } int dpvs_scheduler_init(void) diff --git a/tools/dpip/iftraf.c b/tools/dpip/iftraf.c index 73b5365dc..c83a8fa4d 100644 --- a/tools/dpip/iftraf.c +++ b/tools/dpip/iftraf.c @@ -1,155 +1,155 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -#include -#include -#include -#include -#include "conf/common.h" -#include "dpip.h" -#include "conf/inetaddr.h" -#include "conf/iftraf.h" -#include "sockopt.h" - - -static void iftraf_help(void) -{ - fprintf(stderr, - "Usage:\n" - " dpip iftraf [enable | disable]\n" - " dpip iftraf show\n" - ); -} - -static void iftraf_dump(const struct iftraf_param *param) -{ - if (AF_INET == param->af) { - printf("%s, [%s, %u -> ", - param->ifname, inet_ntoa(param->saddr.in), ntohs(param->sport)); - printf("%s, %u | %u], [%u, %u]", - inet_ntoa(param->daddr.in), ntohs(param->dport), param->proto, param->total_recv, param->total_sent); - - } else if (AF_INET6 == param->af) { - char src_addr[INET6_ADDRSTRLEN]; - char dst_addr[INET6_ADDRSTRLEN]; - - inet_ntop(AF_INET6, ¶m->saddr.in6, src_addr, INET6_ADDRSTRLEN); - inet_ntop(AF_INET6, ¶m->daddr.in6, dst_addr, INET6_ADDRSTRLEN); - - printf("%s, [%s, %u -> %s, %u | %u], [%u, %u]", - param->ifname, src_addr, ntohs(param->sport), dst_addr, ntohs(param->dport), param->proto, param->total_recv, param->total_sent); - - } else { - printf("unsupported"); - } - - printf("\n"); - return; -} - -static int iftraf_parse_args(struct dpip_conf *conf, - struct dp_vs_iftraf_conf *iftraf_conf) -{ - memset(iftraf_conf, 0, sizeof(*iftraf_conf)); - - while (conf->argc > 0) { - if (strcmp(conf->argv[0], "dev") == 0) { - NEXTARG_CHECK(conf, "dev"); - snprintf(iftraf_conf->ifname, sizeof(iftraf_conf->ifname), "%s", conf->argv[0]); - } - NEXTARG(conf); - } - - if (conf->argc > 0) { - fprintf(stderr, "too many arguments\n"); - return -1; - } - - return 0; -} - -static int iftraf_do_cmd(struct dpip_obj *obj, dpip_cmd_t cmd, - struct dpip_conf *conf) -{ - size_t size; - int err, i; - struct dp_vs_iftraf_conf iftraf_conf; - struct iftraf_param iftraf_param; - struct iftraf_param_array *iftraf_array; - - if (iftraf_parse_args(conf, &iftraf_conf) != 0) - return EDPVS_INVAL; - - switch (conf->cmd) { - case DPIP_CMD_ADD: - return dpvs_setsockopt(SOCKOPT_SET_IFTRAF_ADD, &iftraf_param, sizeof(iftraf_param)); - case DPIP_CMD_DEL: - return dpvs_setsockopt(SOCKOPT_SET_IFTRAF_DEL, &iftraf_param, sizeof(iftraf_param)); - case DPIP_CMD_SHOW: - err = dpvs_getsockopt(SOCKOPT_GET_IFTRAF_SHOW, &iftraf_conf, sizeof(iftraf_conf), - (void **)&iftraf_array, &size); - if (err != 0) - return err; - - if (iftraf_array == NULL) { - fprintf(stderr, "warnning: disabled.\n"); - return EDPVS_OK; - - } - - if (size <= sizeof(*iftraf_array) - || size != sizeof(*iftraf_array) + \ - iftraf_array->ntrafs * sizeof(struct iftraf_param)) { - fprintf(stderr, "response nstats : %d.\n", iftraf_array->ntrafs); - dpvs_sockopt_msg_free(iftraf_array); - return EDPVS_NOTEXIST; - } - - //printf("-------------top10 iftraf[in the last 20s]----------\n"); - if (strcmp(iftraf_conf.ifname, "all") == 0) { - for (i = 0; i < iftraf_array->ntrafs; i++) { - printf("top%d: ", i + 1); - iftraf_dump(&iftraf_array->iftraf[i]); - } - } else { - for (i = iftraf_array->ntrafs - 1; i >= 0; i--) { - printf("top%d: ", iftraf_array->ntrafs - i); - iftraf_dump(&iftraf_array->iftraf[i]); - } - } - dpvs_sockopt_msg_free(iftraf_array); - return EDPVS_OK; - default: - return EDPVS_NOTSUPP; - } -} - -struct dpip_obj dpip_iftraf = { - .name = "iftraf", - .help = iftraf_help, - .do_cmd = iftraf_do_cmd, -}; - -static void __init iftraf_init(void) -{ - dpip_register_obj(&dpip_iftraf); -} - -static void __exit iftraf_exit(void) -{ - dpip_unregister_obj(&dpip_iftraf); -} +/* + * DPVS is a software load balancer (Virtual Server) based on DPDK. + * + * Copyright (C) 2017 iQIYI (www.iqiyi.com). + * All Rights Reserved. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + */ +#include +#include +#include +#include +#include "conf/common.h" +#include "dpip.h" +#include "conf/inetaddr.h" +#include "conf/iftraf.h" +#include "sockopt.h" + + +static void iftraf_help(void) +{ + fprintf(stderr, + "Usage:\n" + " dpip iftraf [enable | disable]\n" + " dpip iftraf show\n" + ); +} + +static void iftraf_dump(const struct iftraf_param *param) +{ + if (AF_INET == param->af) { + printf("%s, [%s, %u -> ", + param->ifname, inet_ntoa(param->saddr.in), ntohs(param->sport)); + printf("%s, %u | %u], [%u, %u]", + inet_ntoa(param->daddr.in), ntohs(param->dport), param->proto, param->total_recv, param->total_sent); + + } else if (AF_INET6 == param->af) { + char src_addr[INET6_ADDRSTRLEN]; + char dst_addr[INET6_ADDRSTRLEN]; + + inet_ntop(AF_INET6, ¶m->saddr.in6, src_addr, INET6_ADDRSTRLEN); + inet_ntop(AF_INET6, ¶m->daddr.in6, dst_addr, INET6_ADDRSTRLEN); + + printf("%s, [%s, %u -> %s, %u | %u], [%u, %u]", + param->ifname, src_addr, ntohs(param->sport), dst_addr, ntohs(param->dport), param->proto, param->total_recv, param->total_sent); + + } else { + printf("unsupported"); + } + + printf("\n"); + return; +} + +static int iftraf_parse_args(struct dpip_conf *conf, + struct dp_vs_iftraf_conf *iftraf_conf) +{ + memset(iftraf_conf, 0, sizeof(*iftraf_conf)); + + while (conf->argc > 0) { + if (strcmp(conf->argv[0], "dev") == 0) { + NEXTARG_CHECK(conf, "dev"); + snprintf(iftraf_conf->ifname, sizeof(iftraf_conf->ifname), "%s", conf->argv[0]); + } + NEXTARG(conf); + } + + if (conf->argc > 0) { + fprintf(stderr, "too many arguments\n"); + return -1; + } + + return 0; +} + +static int iftraf_do_cmd(struct dpip_obj *obj, dpip_cmd_t cmd, + struct dpip_conf *conf) +{ + size_t size; + int err, i; + struct dp_vs_iftraf_conf iftraf_conf; + struct iftraf_param iftraf_param; + struct iftraf_param_array *iftraf_array; + + if (iftraf_parse_args(conf, &iftraf_conf) != 0) + return EDPVS_INVAL; + + switch (conf->cmd) { + case DPIP_CMD_ADD: + return dpvs_setsockopt(SOCKOPT_SET_IFTRAF_ADD, &iftraf_param, sizeof(iftraf_param)); + case DPIP_CMD_DEL: + return dpvs_setsockopt(SOCKOPT_SET_IFTRAF_DEL, &iftraf_param, sizeof(iftraf_param)); + case DPIP_CMD_SHOW: + err = dpvs_getsockopt(SOCKOPT_GET_IFTRAF_SHOW, &iftraf_conf, sizeof(iftraf_conf), + (void **)&iftraf_array, &size); + if (err != 0) + return err; + + if (iftraf_array == NULL) { + fprintf(stderr, "warnning: disabled.\n"); + return EDPVS_OK; + + } + + if (size <= sizeof(*iftraf_array) + || size != sizeof(*iftraf_array) + \ + iftraf_array->ntrafs * sizeof(struct iftraf_param)) { + fprintf(stderr, "response nstats : %d.\n", iftraf_array->ntrafs); + dpvs_sockopt_msg_free(iftraf_array); + return EDPVS_NOTEXIST; + } + + //printf("-------------top10 iftraf[in the last 20s]----------\n"); + if (strcmp(iftraf_conf.ifname, "all") == 0) { + for (i = 0; i < iftraf_array->ntrafs; i++) { + printf("top%d: ", i + 1); + iftraf_dump(&iftraf_array->iftraf[i]); + } + } else { + for (i = iftraf_array->ntrafs - 1; i >= 0; i--) { + printf("top%d: ", iftraf_array->ntrafs - i); + iftraf_dump(&iftraf_array->iftraf[i]); + } + } + dpvs_sockopt_msg_free(iftraf_array); + return EDPVS_OK; + default: + return EDPVS_NOTSUPP; + } +} + +struct dpip_obj dpip_iftraf = { + .name = "iftraf", + .help = iftraf_help, + .do_cmd = iftraf_do_cmd, +}; + +static void __init iftraf_init(void) +{ + dpip_register_obj(&dpip_iftraf); +} + +static void __exit iftraf_exit(void) +{ + dpip_unregister_obj(&dpip_iftraf); +} diff --git a/tools/ipvsadm/ipvsadm.c b/tools/ipvsadm/ipvsadm.c index 2092bc6d8..9a57561bf 100644 --- a/tools/ipvsadm/ipvsadm.c +++ b/tools/ipvsadm/ipvsadm.c @@ -350,13 +350,9 @@ static void list_daemon(void); static int list_laddrs(ipvs_service_t *svc, int with_title, lcoreid_t cid); static int list_all_laddrs(lcoreid_t cid); static void list_blklsts_print_title(void); -static int list_blklst(uint32_t addr_v4, uint16_t port, uint16_t protocol); +static int list_blklst(int af, const union nf_inet_addr *addr, uint16_t port, uint16_t protocol); static int list_all_blklsts(void); -#if 0 -static int modprobe_ipvs(void); -static void check_ipvs_version(void); -#endif static int process_options(int argc, char **argv, int reading_stdin); @@ -1046,7 +1042,7 @@ static int process_options(int argc, char **argv, int reading_stdin) case CMD_GETBLKLST: if(options & OPT_SERVICE) { list_blklsts_print_title(); - result = list_blklst(ce.svc.nf_addr.ip, ce.svc.user.port, ce.svc.user.protocol); + result = list_blklst(ce.svc.af, &ce.svc.nf_addr, ce.svc.user.port, ce.svc.user.protocol); } else result = list_all_blklsts(); @@ -1526,7 +1522,7 @@ static void usage_exit(const char *program, const int exit_status) " --exact expand numbers (display exact values)\n" " --thresholds output of thresholds information\n" " --persistent-conn output of persistent connection info\n" - " --sockpair output connection info of specified socket pair (proto:sip:sport:tip:tport)" + " --sockpair output connection info of specified socket pair (proto:sip:sport:tip:tport)\n" " --nosort disable sorting output of service/server entries\n" " --sort does nothing, for backwards compatibility\n" " --ops -o one-packet scheduling\n" @@ -1836,7 +1832,6 @@ print_service_entry(ipvs_service_entry_t *se, unsigned int format, lcoreid_t cid free(vname); } else { /* match */ char *proto; - char af[10]; if (se->user.protocol == IPPROTO_TCP) proto = "tcp"; @@ -1847,25 +1842,17 @@ print_service_entry(ipvs_service_entry_t *se, unsigned int format, lcoreid_t cid else proto = "icmpv6"; - if (se->af == AF_INET) - sprintf(af, "ipv4"); - else if (se->af == AF_INET6) - sprintf(af, "ipv6"); - if (format & FMT_RULE) { snprintf(svc_name, sizeof(svc_name), - "-H af=%s, proto=%s,src-range=%s,dst-range=%s,iif=%s,oif=%s", - af, proto, se->user.srange, se->user.drange, se->user.iifname, se->user.oifname); + "-H proto=%s,src-range=%s,dst-range=%s,iif=%s,oif=%s", + proto, se->user.srange, se->user.drange, se->user.iifname, se->user.oifname); } else { int left = sizeof(svc_name); svc_name[0] = '\0'; left -= snprintf(svc_name + strlen(svc_name), left, - "af=%s", af); - - left -= snprintf(svc_name + strlen(svc_name), left, - ",MATCH %s", proto); + "MATCH %s", proto); if (strcmp(se->user.srange, "[::-::]:0-0") != 0 && strcmp(se->user.srange, "0.0.0.0-0.0.0.0:0-0") != 0) @@ -2117,7 +2104,7 @@ static int list_all_laddrs(lcoreid_t cid) static void list_blklsts_print_title(void) { - printf("%-20s %-8s %-20s\n" , + printf("%-20s %-8s %-20s\n", "VIP:VPORT" , "PROTO" , "BLACKLIST"); @@ -2125,37 +2112,63 @@ static void list_blklsts_print_title(void) static void print_service_and_blklsts(struct dp_vs_blklst_conf *blklst) { - char pbuf_v[32], pbuf_d[32], port[6]; - sprintf(pbuf_v , "%u.%u.%u.%u" , PRINT_NIP(blklst->vaddr.in.s_addr)); - sprintf(pbuf_d , "%u.%u.%u.%u" , PRINT_NIP(blklst->blklst.in.s_addr)); - sprintf(port, "%d", ntohs(blklst->vport)); - if (blklst->proto ==IPPROTO_TCP) - printf("%s:%-8s %-8s %-20s\n" , pbuf_v, port, "TCP", pbuf_d); - else if(blklst->proto ==IPPROTO_UDP) - printf("%s:%-8s %-8s %-20s\n" , pbuf_v, port, "UDP", pbuf_d); - else if (blklst->proto == IPPROTO_ICMP) - printf("%s:%-8s %-8s %-20s\n" , pbuf_v, port, "ICMP", pbuf_d); - else - printf("proto not support!"); + char vip[64], bip[64], port[8], proto[8]; + const char *pattern = (blklst->af == AF_INET ? + "%s:%-8s %-8s %-20s\n" : "[%s]:%-8s %-8s %-20s\n"); + + switch (blklst->proto) { + case IPPROTO_TCP: + snprintf(proto, sizeof(proto), "%s", "TCP"); + break; + case IPPROTO_UDP: + snprintf(proto, sizeof(proto), "%s", "UDP"); + break; + case IPPROTO_ICMP: + snprintf(proto, sizeof(proto), "%s", "ICMP"); + break; + case IPPROTO_ICMPV6: + snprintf(proto, sizeof(proto), "%s", "IMCPv6"); + break; + default: + break; + } + + snprintf(port, sizeof(port), "%u", ntohs(blklst->vport)); + + printf(pattern, inet_ntop(blklst->af, (const void *)&blklst->vaddr, vip, sizeof(vip)), + port, proto, inet_ntop(blklst->af, (const void *)&blklst->blklst, bip, sizeof(bip))); } -static int list_blklst(uint32_t addr_v4, uint16_t port, uint16_t protocol) +static bool inet_addr_equal(int af, const union nf_inet_addr *a1, const union nf_inet_addr *a2) +{ + switch (af) { + case AF_INET: + return a1->ip == a2->ip; + case AF_INET6: + return IN6_ARE_ADDR_EQUAL(a1, a2); + default: + return memcmp(a1, a2, sizeof(union nf_inet_addr)) == 0; + } +} + +static int list_blklst(int af, const union nf_inet_addr *addr, uint16_t port, uint16_t protocol) { - struct dp_vs_blklst_conf_array *get; int i; + struct dp_vs_blklst_conf_array *get; + if (!(get = ipvs_get_blklsts())) { fprintf(stderr, "%s\n", ipvs_strerror(errno)); return -1; } for (i = 0; i < get->naddr; i++) { - if ( addr_v4== get->blklsts[i].vaddr.in.s_addr && - port == get->blklsts[i].vport&& - protocol == get->blklsts[i].proto) { + if (inet_addr_equal(af, addr,(const union nf_inet_addr *) &get->blklsts[i].vaddr) && + port == get->blklsts[i].vport && protocol == get->blklsts[i].proto) { print_service_and_blklsts(&get->blklsts[i]); } } free(get); + return 0; } @@ -2171,8 +2184,8 @@ static int list_all_blklsts(void) list_blklsts_print_title(); for (i = 0; i < get->user.num_services; i++) - list_blklst(get->user.entrytable[i].user.__addr_v4, get->user.entrytable[i].user.port, - get->user.entrytable[i].user.protocol); + list_blklst(get->user.entrytable[i].af, &get->user.entrytable[i].nf_addr, + get->user.entrytable[i].user.port, get->user.entrytable[i].user.protocol); free(get); return 0; } diff --git a/tools/keepalived/keepalived/check/check_daemon.c b/tools/keepalived/keepalived/check/check_daemon.c index 3e9ba93b5..d5623350f 100644 --- a/tools/keepalived/keepalived/check/check_daemon.c +++ b/tools/keepalived/keepalived/check/check_daemon.c @@ -257,28 +257,28 @@ start_checker_termination_thread(__attribute__((unused)) thread_ref_t thread) static void checker_queue_adj(void) { - unsigned i_checker; - unsigned checkers_total = LIST_SIZE(checkers_queue); - unsigned checkers_child_all = global_data->checker_queue_num? global_data->checker_queue_num : LIST_SIZE(checkers_queue); - - if (checkers_child_all > CHECKERS_CHILD_NUM_MAX) { - unsigned trim_tail = checkers_child_all - CHECKERS_CHILD_NUM_MAX; - unsigned trim_head = checkers_total - checkers_child_all; - - for (i_checker=0; i_checkertail); - for (i_checker=0; i_checkerhead); - global_data->checker_queue_num = trim_tail; - - start_check_child(); - } else { - unsigned trim_head = checkers_total - checkers_child_all; - - for (i_checker=0; i_checkerhead); - global_data->checker_queue_num = checkers_child_all; - } + unsigned i_checker; + unsigned checkers_total = LIST_SIZE(checkers_queue); + unsigned checkers_child_all = global_data->checker_queue_num? global_data->checker_queue_num : LIST_SIZE(checkers_queue); + + if (checkers_child_all > CHECKERS_CHILD_NUM_MAX) { + unsigned trim_tail = checkers_child_all - CHECKERS_CHILD_NUM_MAX; + unsigned trim_head = checkers_total - checkers_child_all; + + for (i_checker=0; i_checkertail); + for (i_checker=0; i_checkerhead); + global_data->checker_queue_num = trim_tail; + + start_check_child(); + } else { + unsigned trim_head = checkers_total - checkers_child_all; + + for (i_checker=0; i_checkerhead); + global_data->checker_queue_num = checkers_child_all; + } } /* Daemon stop sequence */ diff --git a/tools/keepalived/keepalived/check/check_data.c b/tools/keepalived/keepalived/check/check_data.c index d48fceab3..75ca413a8 100644 --- a/tools/keepalived/keepalived/check/check_data.c +++ b/tools/keepalived/keepalived/check/check_data.c @@ -53,6 +53,7 @@ alloc_ssl(void) { return (ssl_data_t *) MALLOC(sizeof(ssl_data_t)); } + void free_ssl(void) { @@ -71,10 +72,16 @@ free_ssl(void) FREE(ssl); check_data->ssl = NULL; } + static void dump_ssl(FILE *fp) { - ssl_data_t *ssl = check_data->ssl; + ssl_data_t *ssl; + + if (!check_data || !check_data->ssl) + return; + + ssl = check_data->ssl; if (!ssl->password && !ssl->cafile && !ssl->certfile && !ssl->keyfile) { conf_write(fp, " Using autogen SSL context"); @@ -98,10 +105,10 @@ free_vsg(void *data) virtual_server_group_t *vsg = data; FREE_PTR(vsg->gname); free_list(&vsg->addr_range); - free_list(&vsg->addr_ip); free_list(&vsg->vfwmark); FREE(vsg); } + static void dump_vsg(FILE *fp, const void *data) { @@ -110,14 +117,15 @@ dump_vsg(FILE *fp, const void *data) conf_write(fp, " ------< Virtual server group >------"); conf_write(fp, " Virtual Server Group = %s", vsg->gname); dump_list(fp, vsg->addr_range); - dump_list(fp, vsg->addr_ip); dump_list(fp, vsg->vfwmark); } + static void free_vsg_entry(void *data) { FREE(data); } + static void dump_vsg_entry(FILE *fp, const void *data) { @@ -149,6 +157,7 @@ dump_vsg_entry(FILE *fp, const void *data) } conf_write(fp, " reloaded = %s", vsg_entry->reloaded ? "True" : "False"); } + void alloc_vsg(const char *gname) { @@ -157,11 +166,11 @@ alloc_vsg(const char *gname) new = (virtual_server_group_t *) MALLOC(sizeof(virtual_server_group_t)); new->gname = STRDUP(gname); new->addr_range = alloc_list(free_vsg_entry, dump_vsg_entry); - new->addr_ip = alloc_list(free_vsg_entry, dump_vsg_entry); new->vfwmark = alloc_list(free_vsg_entry, dump_vsg_entry); list_add(check_data->vs_group, new); } + void alloc_vsg_entry(const vector_t *strvec) { @@ -245,7 +254,6 @@ alloc_vsg_entry(const vector_t *strvec) } new->is_fwmark = false; - list_add(vsg->addr_ip, new); list_add(vsg->addr_range, new); } } @@ -312,7 +320,6 @@ dump_forwarding_method(FILE *fp, const char *prefix, const real_server_t *rs) conf_write(fp, "default forwarding method = SNAT"); break; } - } static void @@ -434,7 +441,7 @@ dump_vs(FILE *fp, const void *data) conf_write(fp, " SYN proxy is %s", vs->syn_proxy ? "ON" : "OFF"); - switch (vs->hash_target) { + switch (vs->hash_target) { case IP_VS_SVC_F_SIP_HASH: conf_write(fp, " hash target = sip"); break; @@ -463,6 +470,7 @@ alloc_vs(const char *param1, const char *param2) new = (virtual_server_t *) MALLOC(sizeof(virtual_server_t)); new->af = AF_UNSPEC; + new->forwarding_method = IP_VS_CONN_F_FWD_MASK; /* So we can detect if it has been set */ if (!strcmp(param1, "group")) new->vsgname = STRDUP(param2); @@ -493,7 +501,7 @@ alloc_vs(const char *param1, const char *param2) new->af = new->addr.ss_family; #ifndef LIBIPVS_USE_NL if (new->af != AF_INET && new->af != AF_INET6) { - report_config_error(CONFIG_GENERAL_ERROR, "IPVS with IPv4 & IPv6 is supported only by this build"); + report_config_error(CONFIG_GENERAL_ERROR, "This IPVS build supports IPv4 and IPv6 only."); FREE(new); skip_block(true); return; @@ -510,7 +518,6 @@ alloc_vs(const char *param1, const char *param2) new->hysteresis = 0; new->quorum_state_up = true; new->flags = 0; - new->forwarding_method = IP_VS_CONN_F_FWD_MASK; /* So we can detect if it has been set */ new->connection_to = 5 * TIMER_HZ; new->delay_loop = KEEPALIVED_DEFAULT_DELAY; new->warmup = ULONG_MAX; @@ -550,15 +557,17 @@ dump_laddr_group(FILE *fp, const void *data) { const local_addr_group *laddr_group = data; - log_message(LOG_INFO, " local IP address group = %s", laddr_group->gname); + conf_write(fp, " local IP address group = %s", laddr_group->gname); dump_list(fp, laddr_group->addr_ip); dump_list(fp, laddr_group->range); } + static void free_laddr_entry(void *data) { FREE(data); } + static void dump_laddr_entry(FILE *fp, const void *data) { @@ -572,6 +581,7 @@ dump_laddr_entry(FILE *fp, const void *data) conf_write(fp, " IP = %s" , inet_sockaddrtos(&laddr_entry->addr)); } + void alloc_laddr_group(char *gname) { @@ -586,6 +596,7 @@ alloc_laddr_group(char *gname) list_add(check_data->laddr_group, new); } + void alloc_laddr_entry(const vector_t *strvec) { @@ -625,7 +636,7 @@ dump_blklst_group(FILE *fp, const void *data) { const blklst_addr_group *blklst_group = data; - log_message(LOG_INFO, " blacllist IP address group = %s", blklst_group->gname); + conf_write(fp, " blacllist IP address group = %s", blklst_group->gname); dump_list(fp, blklst_group->addr_ip); dump_list(fp, blklst_group->range); } @@ -687,6 +698,78 @@ alloc_blklst_entry(const vector_t *strvec) log_message(LOG_INFO, "invalid: blacklist IP address range %d", new->range); } +static void +free_tunnel_group(void *data) +{ + tunnel_group *group = data; + if (!group) + return; + + FREE_PTR(group->gname); + free_list(&group->tunnel_entry); + FREE(group); +} + +static void +dump_tunnel_group(FILE *fp, const void *data) +{ + const tunnel_group *group = data; + if (!group) + return; + + conf_write(fp, "tunnel group = %s", group->gname); + dump_list(fp, group->tunnel_entry); +} + +static void +free_tunnel_entry(void *data) +{ + if (!data) + return; + + FREE(data); +} + +static void +dump_tunnel_entry(FILE *fp, const void *data) +{ + const tunnel_entry *entry = data; + if (!entry) + return; + + conf_write(fp, "tunnel name = %s, local_ip = %s, remote_ip = %s," + " kind = %s, dev = %s", + entry->ifname, + inet_sockaddrtos(&entry->local), + inet_sockaddrtos(&entry->remote), + entry->kind, + entry->link); +} + +void alloc_tunnel(char *gname) +{ + int size = strlen(gname); + tunnel_group *new; + + new = (tunnel_group *) MALLOC(sizeof(tunnel_group)); + new->gname = (char *) MALLOC(size + 1); + memcpy(new->gname, gname, size); + new->tunnel_entry = alloc_list(free_tunnel_entry, dump_tunnel_entry); + list_add(check_data->tunnel_group, new); +} + +void alloc_tunnel_entry(char *name) +{ + tunnel_group *gtunnel = LIST_TAIL_DATA(check_data->tunnel_group); + tunnel_entry *new; + + new = (tunnel_entry *) MALLOC(sizeof(tunnel_entry)); + strncpy(new->ifname, name, sizeof(new->ifname) - 1); + + if (gtunnel->tunnel_entry) + list_add(gtunnel->tunnel_entry, new); +} + /* Sorry server facility functions */ void alloc_ssvr(const char *ip, const char *port) @@ -805,7 +888,7 @@ alloc_rs(const char *ip, const char *port) #ifndef LIBIPVS_USE_NL if (new->addr.ss_family != AF_INET && new->addr.ss_family != AF_INET6) { - report_config_error(CONFIG_GENERAL_ERROR, "IPVS does with IPv4 & ipV6 is supported only in this build - skipping %s/%s", ip, port); + report_config_error(CONFIG_GENERAL_ERROR, "This IPVS build supports IPv4 and IPv6 only - skipping %s/%s", ip, port); skip_block(true); FREE(new); return; @@ -814,7 +897,7 @@ alloc_rs(const char *ip, const char *port) #if !HAVE_DECL_IPVS_DEST_ATTR_ADDR_FAMILY if (vs->af != AF_UNSPEC && new->addr.ss_family != vs->af) { if (!(new->addr.ss_family == AF_INET && vs->af == AF_INET6)) { - report_config_error(CONFIG_GENERAL_ERROR, "Your dpvs with NAT4to4 or NAT6to6 or NAT6to4 is supported only by this build"); + report_config_error(CONFIG_GENERAL_ERROR, "This IPVS build supports NAT ipv4-to-ipv4, ipv6-to-ipv6, and ipv6-to-ipv4 only."); skip_block(true); FREE(new); return; @@ -889,6 +972,7 @@ alloc_check_data(void) #endif new->laddr_group = alloc_list(free_laddr_group, dump_laddr_group); new->blklst_group = alloc_list(free_blklst_group, dump_blklst_group); + new->tunnel_group = alloc_list(free_tunnel_group, dump_tunnel_group); return new; } @@ -905,6 +989,7 @@ free_check_data(check_data_t *data) #endif free_list(&data->laddr_group); free_list(&data->blklst_group); + free_list(&data->tunnel_group); FREE(data); } @@ -927,6 +1012,11 @@ dump_check_data(FILE *fp, check_data_t *data) dump_list(fp, data->vs_group); dump_list(fp, data->vs); } + if (!LIST_ISEMPTY(data->tunnel_group)) { + conf_write(fp, "------< Tunnel definitions >------"); + dump_list(fp, data->tunnel_group); + } + dump_checkers_queue(fp); #ifdef _WITH_BFD_ @@ -945,6 +1035,62 @@ dump_data_check(FILE *fp) dump_check_data(fp, check_data); } +char *dump_vs_match(const virtual_server_t *vs) +{ + static char vs_str[1024]; + size_t slen = 0; + + vs_str[0] = '\0'; + + switch (vs->service_type) { + case IPPROTO_TCP: + snprintf(vs_str, sizeof(vs_str) - 1, "%s", "tcp"); + break; + case IPPROTO_UDP: + snprintf(vs_str, sizeof(vs_str) - 1, "%s", "udp"); + break; + case IPPROTO_ICMP: + snprintf(vs_str, sizeof(vs_str) - 1, "%s", "icmp"); + break; + case IPPROTO_ICMPV6: + snprintf(vs_str, sizeof(vs_str) - 1, "%s", "icmp6"); + break; + default: + snprintf(vs_str, sizeof(vs_str) - 1, "%s", "unkown"); + break; + } + + if (vs->srange[0]) { + slen = strlen(vs_str); + if (slen + 1 >= sizeof(vs_str)) + return vs_str; + snprintf(&vs_str[slen], sizeof(vs_str) - slen - 1, ",from=%s", vs->srange); + } + + if (vs->drange[0]) { + slen = strlen(vs_str); + if (slen + 1 >= sizeof(vs_str)) + return vs_str; + snprintf(&vs_str[slen], sizeof(vs_str) - slen - 1, ",to=%s", vs->drange); + } + + if (vs->iifname[0]) { + slen = strlen(vs_str); + if (slen + 1 >= sizeof(vs_str)) + return vs_str; + snprintf(&vs_str[slen], sizeof(vs_str) - slen - 1, ",iif=%s", vs->iifname); + } + + if (vs->oifname[0]) { + slen = strlen(vs_str); + if (slen + 1 >= sizeof(vs_str)) + return vs_str; + snprintf(&vs_str[slen], sizeof(vs_str) - slen - 1, ",oif=%s", vs->oifname); + } + + return vs_str; +} + const char * format_vs(const virtual_server_t *vs) { @@ -952,11 +1098,13 @@ format_vs(const virtual_server_t *vs) static char ret[512]; if (vs->vsgname) - snprintf (ret, sizeof (ret) - 1, "[%s]:%d" + snprintf(ret, sizeof(ret) - 1, "[%s]:%d" , vs->vsgname , ntohs(inet_sockaddrport(&vs->addr))); else if (vs->vfwmark) - snprintf (ret, sizeof (ret) - 1, "FWM %u", vs->vfwmark); + snprintf(ret, sizeof(ret) - 1, "FWM %u", vs->vfwmark); + else if (vs->srange[0] || vs->drange[0] || vs->iifname[0] || vs->oifname[0]) + snprintf(ret, sizeof(ret) - 1, "MATCH %s", dump_vs_match(vs)); else snprintf(ret, sizeof(ret) - 1, "%s" , inet_sockaddrtotrio(&vs->addr, vs->service_type)); @@ -1092,7 +1240,8 @@ bool validate_check_config(void) #endif /* Check port specified for udp/tcp/sctp unless persistent */ - if (!vs->persistence_timeout && + if (vs->forwarding_method != IP_VS_CONN_F_SNAT && + !vs->persistence_timeout && !vs->vsg && !inet_sockaddrport(&vs->addr)) { report_config_error(CONFIG_GENERAL_ERROR, "Virtual server %s: zero port only valid for persistent services - setting", FMT_VS(vs)); @@ -1103,7 +1252,8 @@ bool validate_check_config(void) /* If a virtual server group with addresses has persistence not set, * make sure all the address blocks have a port, otherwise set * persistence. */ - if (!vs->persistence_timeout && vs->vsg) { + if (vs->forwarding_method != IP_VS_CONN_F_SNAT && + !vs->persistence_timeout && vs->vsg) { LIST_FOREACH(vs->vsg->addr_range, vsge, e1) { if (!inet_sockaddrport(&vsge->addr)) { report_config_error(CONFIG_GENERAL_ERROR, "Virtual server %s: zero port only valid for persistent services - setting", FMT_VS(vs)); @@ -1207,24 +1357,24 @@ bool validate_check_config(void) if (vs->vsg) { if (!LIST_ISEMPTY(vs->vsg->vfwmark)) { LIST_FOREACH(vs->rs, rs, e1) { - if (rs->forwarding_method == IP_VS_CONN_F_MASQ) + if (rs->forwarding_method == IP_VS_CONN_F_MASQ || rs->forwarding_method == IP_VS_CONN_F_FULLNAT) continue; if (inet_sockaddrport(&rs->addr)) log_message(LOG_INFO, "WARNING - fwmark virtual server %s, real server %s has port specified - port will be ignored", FMT_VS(vs), FMT_RS(rs, vs)); } - if (vs->s_svr && vs->s_svr->forwarding_method != IP_VS_CONN_F_MASQ && + if (vs->s_svr && vs->s_svr->forwarding_method != IP_VS_CONN_F_MASQ && vs->s_svr->forwarding_method != IP_VS_CONN_F_FULLNAT && inet_sockaddrport(&vs->s_svr->addr)) log_message(LOG_INFO, "WARNING - fwmark virtual server %s, sorry server has port specified - port will be ignored", FMT_VS(vs)); } LIST_FOREACH(vs->vsg->addr_range, vsge, e1) { LIST_FOREACH(vs->rs, rs, e2) { - if (rs->forwarding_method == IP_VS_CONN_F_MASQ) + if (rs->forwarding_method == IP_VS_CONN_F_MASQ || rs->forwarding_method == IP_VS_CONN_F_FULLNAT) continue; if (inet_sockaddrport(&rs->addr) && inet_sockaddrport(&vsge->addr) != inet_sockaddrport(&rs->addr)) report_config_error(CONFIG_GENERAL_ERROR, "virtual server %s:[%s] and real server %s ports don't match", FMT_VS(vs), format_vsge(vsge), FMT_RS(rs, vs)); } - if (vs->s_svr && vs->s_svr->forwarding_method != IP_VS_CONN_F_MASQ && + if (vs->s_svr && vs->s_svr->forwarding_method != IP_VS_CONN_F_MASQ && vs->s_svr->forwarding_method != IP_VS_CONN_F_FULLNAT && inet_sockaddrport(&vs->s_svr->addr) && inet_sockaddrport(&vsge->addr) != inet_sockaddrport(&vs->s_svr->addr)) log_message(LOG_INFO, "WARNING - virtual server %s, sorry server has port specified - port will be ignored", FMT_VS(vs)); @@ -1238,6 +1388,9 @@ bool validate_check_config(void) continue; } + if (rs->forwarding_method == IP_VS_CONN_F_FULLNAT) + continue; + if (vs->vfwmark) { if (inet_sockaddrport(&rs->addr)) { report_config_error(CONFIG_GENERAL_ERROR, "WARNING - fwmark virtual server %s, real server %s has port specified - clearing", FMT_VS(vs), FMT_RS(rs, vs)); @@ -1254,7 +1407,7 @@ bool validate_check_config(void) } /* Check any sorry server */ - if (vs->s_svr && vs->s_svr->forwarding_method != IP_VS_CONN_F_MASQ) { + if (vs->s_svr && vs->s_svr->forwarding_method != IP_VS_CONN_F_MASQ && vs->s_svr->forwarding_method != IP_VS_CONN_F_FULLNAT) { if (vs->vfwmark) { if (inet_sockaddrport(&vs->s_svr->addr)) { log_message(LOG_INFO, "WARNING - virtual server %s, sorry server has port specified - clearing", FMT_VS(vs)); diff --git a/tools/keepalived/keepalived/check/check_http.c b/tools/keepalived/keepalived/check/check_http.c index c490ff026..81fcccb89 100644 --- a/tools/keepalived/keepalived/check/check_http.c +++ b/tools/keepalived/keepalived/check/check_http.c @@ -327,7 +327,6 @@ dump_http_get_check(FILE *fp, const checker_t *checker) dump_list(fp, http_get_chk->url); if (http_get_chk->failed_url) conf_write(fp, " Failed URL = %s", http_get_chk->failed_url->path); - } static http_checker_t * alloc_http_get(const char *proto) diff --git a/tools/keepalived/keepalived/check/check_parser.c b/tools/keepalived/keepalived/check/check_parser.c index f11ea62f1..c6a8fd777 100644 --- a/tools/keepalived/keepalived/check/check_parser.c +++ b/tools/keepalived/keepalived/check/check_parser.c @@ -51,7 +51,7 @@ /* List of valid schedulers */ static const char *lvs_schedulers[] = - {"rr", "wrr", "lc", "wlc", "lblc", "sh", "mh", "dh", "fo", "ovf", "lblcr", "sed", "nq", NULL}; + {"rr", "wrr", "lc", "wlc", "lblc", "sh", "mh", "dh", "fo", "ovf", "lblcr", "sed", "nq", "conhash", NULL}; /* SSL handlers */ static void @@ -170,27 +170,14 @@ vs_end_handler(void) virtual_server_t *vs = LIST_TAIL_DATA(check_data->vs); real_server_t *rs; element e; + uint16_t af = AF_UNSPEC; bool mixed_af; - /* If the real (sorry) server uses tunnel forwarding, the address family - * does not have to match the address family of the virtual server */ - if (vs->s_svr -#if HAVE_DECL_IPVS_DEST_ATTR_ADDR_FAMILY - && vs->s_svr->forwarding_method != IP_VS_CONN_F_TUNNEL -#endif - ) - { - if (vs->af == AF_UNSPEC) - vs->af = vs->s_svr->addr.ss_family; - else if (vs->af != vs->s_svr->addr.ss_family) { - report_config_error(CONFIG_GENERAL_ERROR, "Address family of virtual server and sorry server %s don't match - skipping sorry server.", inet_sockaddrtos(&vs->s_svr->addr)); - FREE(vs->s_svr); - vs->s_svr = NULL; - } - } if (vs->af == AF_UNSPEC) { - /* This only occurs if the virtual server uses a fwmark, all the + /* This only occurs if: + * + * 1. the virtual server uses a fwmark(not supported by DPVS), all the * real/sorry servers are tunnelled, and the address family has not * been specified. * @@ -199,25 +186,34 @@ vs_end_handler(void) * real or sorry servers, even if they were tunnelled. However, all the real * and sorry servers had to be the same address family, even if tunnelled, * so only set the address family from the tunnelled real/sorry servers - * if all the real/sorry servers are of the same address family. */ + * if all the real/sorry servers are of the same address family. + * + * 2. the virtual server is configured with virtual_server_group and no "ip_family" + * is specified explicitly within it. + * + * Keep the vs->af to be AF_UNSPEC unchanged, and vs->af would be assgined with + * vsg->af in link_vsg_to_vs later. + * + * */ mixed_af = false; if (vs->s_svr) - vs->af = vs->s_svr->addr.ss_family; + af = vs->s_svr->addr.ss_family; LIST_FOREACH(vs->rs, rs, e) { - if (vs->af == AF_UNSPEC) - vs->af = rs->addr.ss_family; - else if (vs->af != rs->addr.ss_family) { + if (af == AF_UNSPEC) + af = rs->addr.ss_family; + else if (af != rs->addr.ss_family) { mixed_af = true; break; } } - if (mixed_af || vs->af == AF_UNSPEC) { + if (mixed_af) { /* We have a mixture of IPv4 and IPv6 tunnelled real/sorry servers. - * Default to IPv4. */ - vs->af = AF_INET; + * Default to IPv4.*/ + report_config_error(CONFIG_GENERAL_ERROR, "Address family of real/sorry servers are" + "not the same for vs %s.", FMT_VS(vs)); } } } @@ -567,6 +563,8 @@ proto_handler(const vector_t *strvec) vs->service_type = IPPROTO_UDP; else if (!strcasecmp(str, "ICMP")) vs->service_type = IPPROTO_ICMP; + else if (!strcasecmp(str, "ICMPV6")) + vs->service_type = IPPROTO_ICMPV6; else report_config_error(CONFIG_GENERAL_ERROR, "Unknown protocol %s - ignoring", str); } @@ -657,26 +655,9 @@ rs_end_handler(void) rs = LIST_TAIL_DATA(vs->rs); - /* For tunnelled forwarding, the address families don't have to be the same, so - * long as the kernel supports IPVS_DEST_ATTR_ADDR_FAMILY */ -#if HAVE_DECL_IPVS_DEST_ATTR_ADDR_FAMILY - if (rs->forwarding_method != IP_VS_CONN_F_TUNNEL) -#endif - { - if (vs->af == AF_UNSPEC) { - vsg = ipvs_get_group_by_name(vs->vsgname, check_data->vs_group); - if (vsg) { - vsge = ELEMENT_DATA(LIST_HEAD(vsg->addr_range)); - vs->af = vsge->addr.ss_family; - } else { - vs->af = rs->addr.ss_family; - } - } - else if (vs->af != rs->addr.ss_family) { - /*report_config_error(CONFIG_GENERAL_ERROR, "Address family of virtual server and real server %s don't match - skipping real server.", inet_sockaddrtos(&rs->addr)); - free_list_element(vs->rs, vs->rs->tail);*/ - } - } + /* Do NOT assign vs->af with rs->addr.ss_family, even if vs->af == AF_UNSPEC, + * because vs->af and rs->addr.ss_family are not the same in NAT64. + */ } static void rs_weight_handler(const vector_t *strvec) @@ -991,6 +972,54 @@ blklst_gname_handler(const vector_t *strvec) vs->blklst_addr_gname = set_value(strvec); } +static void +tunnel_handler(const vector_t *strvec) +{ + alloc_tunnel(vector_slot(strvec, 1)); +} + +static void +tunnel_entry_handler(const vector_t *strvec) +{ + alloc_tunnel_entry(vector_slot(strvec, 1)); +} + +static void +kind_handler(const vector_t *strvec) +{ + tunnel_group *gtunnel = LIST_TAIL_DATA(check_data->tunnel_group); + tunnel_entry *entry = LIST_TAIL_DATA(gtunnel->tunnel_entry); + + strncpy(entry->kind, vector_slot(strvec, 1), sizeof(entry->kind) - 1); +} + +static void +remote_handler(const vector_t *strvec) +{ + tunnel_group *gtunnel = LIST_TAIL_DATA(check_data->tunnel_group); + tunnel_entry *entry = LIST_TAIL_DATA(gtunnel->tunnel_entry); + + inet_stosockaddr(vector_slot(strvec, 1), NULL, &entry->remote); +} + +static void +local_handler(const vector_t *strvec) +{ + tunnel_group *gtunnel = LIST_TAIL_DATA(check_data->tunnel_group); + tunnel_entry *entry = LIST_TAIL_DATA(gtunnel->tunnel_entry); + + inet_stosockaddr(vector_slot(strvec, 1), NULL, &entry->local); +} + +static void +if_handler(const vector_t *strvec) +{ + tunnel_group *gtunnel = LIST_TAIL_DATA(check_data->tunnel_group); + tunnel_entry *entry = LIST_TAIL_DATA(gtunnel->tunnel_entry); + snprintf(entry->link, sizeof(entry->link), "%s", (char *)vector_slot(strvec, 1)); +} + + static void bps_handler(const vector_t *strvec) { @@ -1048,18 +1077,6 @@ iif_handler(const vector_t *strvec) snprintf(vs->iifname, sizeof(vs->iifname), "%s", (char *)vector_slot(strvec, 1)); } -static void -af_handler(const vector_t *strvec) -{ - virtual_server_t *vs = LIST_TAIL_DATA(check_data->vs); - char *str = vector_slot(strvec, 1); - - if (!strcmp(str, "ipv4") || !strcmp(str, "IPv4")) - vs->af = AF_INET; - else if (!strcmp(str, "ipv6") || !strcmp(str, "IPv6")) - vs->af = AF_INET6; -} - static void hash_target_handler(const vector_t *strvec) { @@ -1086,6 +1103,16 @@ init_check_keywords(bool active) install_keyword("certificate", &sslcert_handler); install_keyword("key", &sslkey_handler); + /* tunnel process */ + install_keyword_root("tunnel_group", &tunnel_handler, active); + install_keyword("tunnel_entry", &tunnel_entry_handler); + install_sublevel(); + install_keyword("kind", &kind_handler); + install_keyword("remote", &remote_handler); + install_keyword("local", &local_handler); + install_keyword("if", &if_handler); + install_sublevel_end(); + /* local IP address mapping */ install_keyword_root("local_address_group", &laddr_group_handler, active); /* blacklist IP */ @@ -1134,7 +1161,6 @@ init_check_keywords(bool active) install_keyword("dst-range", &dst_range_handler); install_keyword("oif", &oif_handler); install_keyword("iif", &iif_handler); - install_keyword("af", &af_handler); install_keyword("hash_target", &hash_target_handler); /* Pool regression detection and handling. */ diff --git a/tools/keepalived/keepalived/check/check_tcp.c b/tools/keepalived/keepalived/check/check_tcp.c index c46e8888a..67779fa57 100644 --- a/tools/keepalived/keepalived/check/check_tcp.c +++ b/tools/keepalived/keepalived/check/check_tcp.c @@ -105,7 +105,7 @@ tcp_epilog(thread_ref_t thread, bool is_success) checker->retry_it = 0; if (is_success && (!checker->is_up || !checker->has_run)) { - log_message(LOG_DEBUG, "TCP connection to %s success." + log_message(LOG_INFO, "TCP connection to %s success." , FMT_CHK(checker)); checker_was_up = checker->is_up; rs_was_alive = checker->rs->alive; diff --git a/tools/keepalived/keepalived/check/ipvswrapper.c b/tools/keepalived/keepalived/check/ipvswrapper.c index 6092f85b4..0055d0e95 100644 --- a/tools/keepalived/keepalived/check/ipvswrapper.c +++ b/tools/keepalived/keepalived/check/ipvswrapper.c @@ -67,70 +67,47 @@ ipvs_get_laddr_group_by_name(char *gname, list l) element e; local_addr_group *laddr_group; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - laddr_group = ELEMENT_DATA(e); + LIST_FOREACH(l, laddr_group, e) { if (!strcmp(laddr_group->gname, gname)) return laddr_group; } return NULL; } - blklst_addr_group * __attribute__ ((pure)) ipvs_get_blklst_group_by_name(char *gname, list l) { - element e; - blklst_addr_group *blklst_group; - - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - blklst_group = ELEMENT_DATA(e); - if (!strcmp(blklst_group->gname, gname)) - return blklst_group; - } - return NULL; -} + element e; + blklst_addr_group *blklst_group; -/* Global module def IPVS rules */ -//static ipvs_service_t *srule; -//static ipvs_dest_t *drule; -//static ipvs_daemon_t *daemonrule; -//static ipvs_laddr_t *laddr_rule; -//static ipvs_blklst_t *blklst_rule; -//static ipvs_tunnel_t *tunnel_rule; + LIST_FOREACH (l, blklst_group, e) { + if (!strcmp(blklst_group->gname, gname)) + return blklst_group; + } + return NULL; +} /* Initialization helpers */ int ipvs_start(void) { - log_message(LOG_DEBUG, "Initializing ipvs 2.6"); + log_message(LOG_DEBUG, "%snitializing ipvs", reload ? "Rei" : "I"); /* Initialize IPVS module */ if (ipvs_init(0)) { log_message(LOG_INFO, "IPVS: Can't initialize ipvs: %s", ipvs_strerror(errno)); + no_ipvs = true; return IPVS_ERROR; } - /* Allocate global user rules */ - //srule = (ipvs_service_t *) MALLOC(sizeof(ipvs_service_t)); - //drule = (ipvs_dest_t *) MALLOC(sizeof(ipvs_dest_t)); - //daemonrule = (ipvs_daemon_t *) MALLOC(sizeof(ipvs_daemon_t)); - //laddr_rule = (ipvs_laddr_t *) MALLOC(sizeof(ipvs_laddr_t)); - //blklst_rule = (ipvs_blklst_t *) MALLOC(sizeof(ipvs_blklst_t)); - //tunnel_rule = (ipvs_tunnel_t *) MALLOC(sizeof(ipvs_tunnel_t)); - return IPVS_SUCCESS; } void ipvs_stop(void) { - /* Clean up the room */ - //FREE(srule); - //FREE(drule); - //FREE(daemonrule); - //FREE(laddr_rule); - //FREE(blklst_rule); - //FREE(tunnel_rule); + if (no_ipvs) + return; ipvs_close(); } @@ -147,7 +124,8 @@ ipvs_set_timeouts(int tcp_timeout, int tcpfin_timeout, int udp_timeout) to.tcp_fin_timeout = tcpfin_timeout; to.udp_timeout = udp_timeout; - ipvs_set_timeout(&to); + if (ipvs_set_timeout(&to)) + log_message(LOG_INFO, "Failed to set ipvs timeouts"); } /* Send user rules to IPVS module */ @@ -223,13 +201,11 @@ ipvs_talk(int cmd, if (result) {//EDPVS_MSG_FAIL just ignore set failed if ((result == EDPVS_EXIST || result == EDPVS_MSG_FAIL || result == EDPVS_NOTSUPP) - && (cmd == IP_VS_SO_SET_ADD || cmd == IP_VS_SO_SET_ADDDEST)) + && (cmd == IP_VS_SO_SET_ADD || cmd == IP_VS_SO_SET_ADDDEST || cmd == IP_VS_SO_SET_ADDTUNNEL)) ignore_error = true; else if ((result == EDPVS_NOTEXIST || result == EDPVS_MSG_FAIL || result == EDPVS_NOTSUPP) - && (cmd == IP_VS_SO_SET_DEL || cmd == IP_VS_SO_SET_DELDEST)) + && (cmd == IP_VS_SO_SET_DEL || cmd == IP_VS_SO_SET_DELDEST || cmd == IP_VS_SO_SET_DELTUNNEL)) ignore_error = true; - if (errno) - log_message(LOG_INFO, "IPVS: %s", ipvs_strerror(errno)); } if (ignore_error) @@ -386,12 +362,14 @@ ipvs_change_needed(int cmd, virtual_server_group_entry_t *vsge, virtual_server_t vs->service_type == IPPROTO_TCP ? vsge->tcp_alive : vs->service_type == IPPROTO_UDP ? vsge->udp_alive : vsge->sctp_alive; - return (count == 1); + return (count == 0); } +#if 0 else if (cmd == IP_VS_SO_SET_ADDDEST) return !rs->alive; else if (cmd == IP_VS_SO_SET_DELDEST) return rs->alive; +#endif else /* cmd == IP_VS_SO_SET_EDITDEST */ return true; } @@ -399,9 +377,9 @@ ipvs_change_needed(int cmd, virtual_server_group_entry_t *vsge, virtual_server_t static void ipvs_set_vsge_alive_state(int cmd, virtual_server_group_entry_t *vsge, virtual_server_t *vs) { - if (cmd == IP_VS_SO_SET_ADD) + if (cmd == IP_VS_SO_SET_ADDDEST) set_vsge_alive(vsge, vs); - else if (cmd == IP_VS_SO_SET_DEL) + else if (cmd == IP_VS_SO_SET_DELDEST) unset_vsge_alive(vsge, vs); } @@ -415,8 +393,11 @@ ipvs_group_cmd(int cmd, ipvs_service_t *srule, ipvs_dest_t *drule, virtual_serve /* return if jointure fails */ if (!vsg) return 0; - /* visit addr_ip list */ + + /* visit addr_range list */ LIST_FOREACH(vsg->addr_range, vsg_entry, e) { + if (cmd == IP_VS_SO_SET_ADD && reload && vsg_entry->reloaded) + continue; if (ipvs_change_needed(cmd, vsg_entry, vs, rs)) { srule->user.port = inet_sockaddrport(&vsg_entry->addr); if (vsg_entry->range) { @@ -433,13 +414,17 @@ ipvs_group_cmd(int cmd, ipvs_service_t *srule, ipvs_dest_t *drule, virtual_serve return -1; } } - ipvs_set_vsge_alive_state(cmd, vsg_entry, vs); + if (cmd == IP_VS_SO_SET_ADDDEST || cmd == IP_VS_SO_SET_DELDEST) + ipvs_set_vsge_alive_state(cmd, vsg_entry, vs); } /* visit vfwmark list */ memset(&srule->nf_addr, 0, sizeof(srule->nf_addr)); srule->user.port = 0; LIST_FOREACH(vsg->vfwmark, vsg_entry, e) { + if (cmd == IP_VS_SO_SET_ADD && reload && vsg_entry->reloaded) + continue; + srule->user.fwmark = vsg_entry->vfwmark; /* Talk to the IPVS channel */ @@ -454,14 +439,10 @@ ipvs_group_cmd(int cmd, ipvs_service_t *srule, ipvs_dest_t *drule, virtual_serve } static void -ipvs_laddr_range_cmd(int cmd, local_addr_entry *laddr_entry, virtual_server_t *vs) +ipvs_laddr_range_cmd(int cmd, local_addr_entry *laddr_entry, virtual_server_t *vs, ipvs_service_t *srule) { uint32_t addr_ip, ip; ipvs_laddr_t laddr_rule; - ipvs_service_t srule; - - /* Allocate the room */ - ipvs_set_srule(cmd, &srule, vs); memset(&laddr_rule, 0, sizeof(ipvs_laddr_t)); laddr_rule.af = laddr_entry->addr.ss_family; @@ -471,55 +452,51 @@ ipvs_laddr_range_cmd(int cmd, local_addr_entry *laddr_entry, virtual_server_t *v } else { ip = inet_sockaddrip4(&laddr_entry->addr); } - for (addr_ip = ip; ((addr_ip >> 24) & 0xFF) <= laddr_entry->range; - addr_ip += 0x01000000) { + addr_ip += 0x01000000) { if (laddr_entry->addr.ss_family == AF_INET6) laddr_rule.addr.in6.s6_addr32[3] = addr_ip; else laddr_rule.addr.ip = addr_ip; strncpy(laddr_rule.ifname, laddr_entry->ifname, sizeof(laddr_rule.ifname)); - ipvs_talk(cmd, &srule, NULL, NULL, &laddr_rule, NULL, NULL, false); + ipvs_talk(cmd, srule, NULL, NULL, &laddr_rule, NULL, NULL, false); } } static void ipvs_laddr_group_cmd(int cmd, local_addr_group *laddr_group, virtual_server_t *vs, ipvs_service_t *srule) { - local_addr_entry *laddr_entry; - ipvs_laddr_t laddr_rule; - list l; - element e; - - if (!laddr_group) - return; - - l = laddr_group->addr_ip; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - laddr_entry = ELEMENT_DATA(e); - memset(&laddr_rule, 0, sizeof(ipvs_laddr_t)); - laddr_rule.af = laddr_entry->addr.ss_family; - if (laddr_entry->addr.ss_family == AF_INET6) - inet_sockaddrip6(&laddr_entry->addr, &laddr_rule.addr.in6); - else - laddr_rule.addr.ip = inet_sockaddrip4(&laddr_entry->addr); - strncpy(laddr_rule.ifname, laddr_entry->ifname, sizeof(laddr_rule.ifname)); - - ipvs_talk(cmd, srule, NULL, NULL, &laddr_rule, NULL, NULL, false); - } - - l = laddr_group->range; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - laddr_entry = ELEMENT_DATA(e); - ipvs_laddr_range_cmd(cmd, laddr_entry, vs); - } -} + local_addr_entry *laddr_entry; + ipvs_laddr_t laddr_rule; + list l; + element e; + + if (!laddr_group) + return; + l = laddr_group->addr_ip; + LIST_FOREACH(l, laddr_entry, e) { + memset(&laddr_rule, 0, sizeof(ipvs_laddr_t)); + laddr_rule.af = laddr_entry->addr.ss_family; + if (laddr_entry->addr.ss_family == AF_INET6) + inet_sockaddrip6(&laddr_entry->addr, &laddr_rule.addr.in6); + else + laddr_rule.addr.ip = inet_sockaddrip4(&laddr_entry->addr); + strncpy(laddr_rule.ifname, laddr_entry->ifname, sizeof(laddr_rule.ifname)); + + ipvs_talk(cmd, srule, NULL, NULL, &laddr_rule, NULL, NULL, false); + } + + l = laddr_group->range; + LIST_FOREACH(l, laddr_entry, e) { + ipvs_laddr_range_cmd(cmd, laddr_entry, vs, srule); + } +} static void -ipvs_laddr_vsg_cmd(int cmd, list vs_group, virtual_server_t * vs, local_addr_group *laddr_group, ipvs_service_t *srule) +ipvs_laddr_vsg_cmd(int cmd, list vs_group, virtual_server_t *vs, local_addr_group *laddr_group, ipvs_service_t *srule) { virtual_server_group_t *vsg = ipvs_get_group_by_name(vs->vsgname, vs_group); virtual_server_group_entry_t *vsg_entry; @@ -529,28 +506,9 @@ ipvs_laddr_vsg_cmd(int cmd, list vs_group, virtual_server_t * vs, local_addr_gro if (!vsg) return; - /* visit addr_ip list */ - l = vsg->addr_ip; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - vsg_entry = ELEMENT_DATA(e); - - srule->af = vsg_entry->addr.ss_family; - if (srule->af == AF_INET6) { - if (srule->user.netmask == 0xffffffff) - srule->user.netmask = 128; - inet_sockaddrip6(&vsg_entry->addr, &srule->nf_addr.in6); - } else - srule->nf_addr.ip = inet_sockaddrip4(&vsg_entry->addr); - srule->user.port = inet_sockaddrport(&vsg_entry->addr); - - /* local address group channel */ - ipvs_laddr_group_cmd(cmd, laddr_group, vs, srule); - } - /* visit range list */ l = vsg->addr_range; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - vsg_entry = ELEMENT_DATA(e); + LIST_FOREACH(l, vsg_entry, e) { uint32_t addr_ip, ip; srule->af = vsg_entry->addr.ss_family; @@ -561,10 +519,23 @@ ipvs_laddr_vsg_cmd(int cmd, list vs_group, virtual_server_t * vs, local_addr_gro ip = inet_sockaddrip4(&vsg_entry->addr); } + if (!vsg_entry->range) { + if (srule->af == AF_INET6) { + if (srule->user.netmask == 0xffffffff) + srule->user.netmask = 128; + srule->nf_addr.in6.s6_addr32[3] = ip; + } else { + srule->nf_addr.ip = ip; + } + srule->user.port = inet_sockaddrport(&vsg_entry->addr); + ipvs_laddr_group_cmd(cmd, laddr_group, vs, srule); + continue; + } + /* Parse the whole range */ for (addr_ip = ip; - ((addr_ip >> 24) & 0xFF) <= vsg_entry->range; - addr_ip += 0x01000000) { + ((addr_ip >> 24) & 0xFF) <= vsg_entry->range; + addr_ip += 0x01000000) { if (srule->af == AF_INET6) { if (srule->user.netmask == 0xffffffff) srule->user.netmask = 128; @@ -582,86 +553,83 @@ ipvs_laddr_vsg_cmd(int cmd, list vs_group, virtual_server_t * vs, local_addr_gro static int ipvs_laddr_cmd(int cmd, ipvs_service_t *srule, virtual_server_t *vs) { - local_addr_group *laddr_group; - laddr_group = ipvs_get_laddr_group_by_name(vs->local_addr_gname, check_data->laddr_group); - if (!laddr_group) { - log_message(LOG_ERR, "No address in group %s", vs->local_addr_gname); - return -1;// return IPVS_ERROR; - } - - if (vs->vsgname) { - ipvs_laddr_vsg_cmd(cmd, check_data->vs_group, vs, laddr_group, srule); - } else { - if (!vs->vfwmark) { - srule->af = vs->addr.ss_family; - if (vs->addr.ss_family == AF_INET6) - inet_sockaddrip6(&vs->addr, &srule->nf_addr.in6); - else - srule->nf_addr.ip = inet_sockaddrip4(&vs->addr); - srule->user.port = inet_sockaddrport(&vs->addr); - ipvs_laddr_group_cmd(cmd, laddr_group, vs, srule); - } - } - - return IPVS_SUCCESS; + local_addr_group *laddr_group; + laddr_group = ipvs_get_laddr_group_by_name(vs->local_addr_gname, check_data->laddr_group); + if (!laddr_group) { + log_message(LOG_ERR, "No address in group %s", vs->local_addr_gname); + return -1; + } + + if (vs->vsgname) { + ipvs_laddr_vsg_cmd(cmd, check_data->vs_group, vs, laddr_group, srule); + } else { + if (!vs->vfwmark) { + srule->af = vs->addr.ss_family; + if (vs->addr.ss_family == AF_INET6) + inet_sockaddrip6(&vs->addr, &srule->nf_addr.in6); + else + srule->nf_addr.ip = inet_sockaddrip4(&vs->addr); + srule->user.port = inet_sockaddrport(&vs->addr); + ipvs_laddr_group_cmd(cmd, laddr_group, vs, srule); + } + } + + return IPVS_SUCCESS; } static void ipvs_blklst_range_cmd(int cmd, blklst_addr_entry *blklst_entry, ipvs_service_t *srule) { - uint32_t addr_ip, ip; + uint32_t addr_ip, ip; ipvs_blklst_t blklst_rule; - memset(&blklst_rule, 0, sizeof(ipvs_blklst_t)); - blklst_rule.af = blklst_entry->addr.ss_family; - if (blklst_entry->addr.ss_family == AF_INET6) { - inet_sockaddrip6(&blklst_entry->addr, &blklst_rule.addr.in6); - ip = blklst_rule.addr.in6.s6_addr32[3]; - } else { - ip = inet_sockaddrip4(&blklst_entry->addr); - } - + memset(&blklst_rule, 0, sizeof(ipvs_blklst_t)); + blklst_rule.af = blklst_entry->addr.ss_family; + if (blklst_entry->addr.ss_family == AF_INET6) { + inet_sockaddrip6(&blklst_entry->addr, &blklst_rule.addr.in6); + ip = blklst_rule.addr.in6.s6_addr32[3]; + } else { + ip = inet_sockaddrip4(&blklst_entry->addr); + } - for (addr_ip = ip; - ((addr_ip >> 24) & 0xFF) <= blklst_entry->range; - addr_ip += 0x01000000) { - if (blklst_entry->addr.ss_family == AF_INET6) - blklst_rule.addr.in6.s6_addr32[3] = addr_ip; - else - blklst_rule.addr.ip = addr_ip; + for (addr_ip = ip; + ((addr_ip >> 24) & 0xFF) <= blklst_entry->range; + addr_ip += 0x01000000) { + if (blklst_entry->addr.ss_family == AF_INET6) + blklst_rule.addr.in6.s6_addr32[3] = addr_ip; + else + blklst_rule.addr.ip = addr_ip; ipvs_talk(cmd, srule, NULL, NULL, NULL, &blklst_rule, NULL, false); - } + } } static void ipvs_blklst_group_cmd(int cmd, blklst_addr_group *blklst_group, ipvs_service_t *srule) { - blklst_addr_entry *blklst_entry; + blklst_addr_entry *blklst_entry; ipvs_blklst_t blklst_rule; - list l; - element e; - - if (!blklst_group) - return; - - l = blklst_group->addr_ip; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - blklst_entry = ELEMENT_DATA(e); - memset(&blklst_rule, 0, sizeof(ipvs_blklst_t)); - blklst_rule.af = blklst_entry->addr.ss_family; - if (blklst_entry->addr.ss_family == AF_INET6) - inet_sockaddrip6(&blklst_entry->addr, &blklst_rule.addr.in6); - else - blklst_rule.addr.ip = inet_sockaddrip4(&blklst_entry->addr); + list l; + element e; + + if (!blklst_group) + return; + + l = blklst_group->addr_ip; + LIST_FOREACH(l, blklst_entry, e) { + memset(&blklst_rule, 0, sizeof(ipvs_blklst_t)); + blklst_rule.af = blklst_entry->addr.ss_family; + if (blklst_entry->addr.ss_family == AF_INET6) + inet_sockaddrip6(&blklst_entry->addr, &blklst_rule.addr.in6); + else + blklst_rule.addr.ip = inet_sockaddrip4(&blklst_entry->addr); ipvs_talk(cmd, srule, NULL, NULL, NULL, &blklst_rule, NULL, false); - } + } - l = blklst_group->range; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - blklst_entry = ELEMENT_DATA(e); - ipvs_blklst_range_cmd(cmd, blklst_entry, srule); - } + l = blklst_group->range; + LIST_FOREACH(l, blklst_entry, e) { + ipvs_blklst_range_cmd(cmd, blklst_entry, srule); + } } static void @@ -671,91 +639,86 @@ ipvs_blklst_vsg_cmd(int cmd, blklst_addr_group *blklst_group, ipvs_service_t *srule) { - virtual_server_group_t *vsg = ipvs_get_group_by_name(vs->vsgname, vs_group); - virtual_server_group_entry_t *vsg_entry; - list l; - element e; - if (!vsg) - return; - - /* visit addr_ip list */ - l = vsg->addr_ip; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - vsg_entry = ELEMENT_DATA(e); - - srule->af = vsg_entry->addr.ss_family; - if (srule->af == AF_INET6) { - if (srule->user.netmask == 0xffffffff) - srule->user.netmask = 128; - inet_sockaddrip6(&vsg_entry->addr, &srule->nf_addr.in6); - } else - srule->nf_addr.ip = inet_sockaddrip4(&vsg_entry->addr); - srule->user.port = inet_sockaddrport(&vsg_entry->addr); - - /* blacklist address group channel */ - ipvs_blklst_group_cmd(cmd, blklst_group, srule); - } - - /* visit range list */ - l = vsg->addr_range; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - vsg_entry = ELEMENT_DATA(e); - uint32_t addr_ip, ip; - - srule->af = vsg_entry->addr.ss_family; - if (srule->af == AF_INET6) { - inet_sockaddrip6(&vsg_entry->addr, &srule->nf_addr.in6); - ip = srule->nf_addr.in6.s6_addr32[3]; - } else { - ip = inet_sockaddrip4(&vsg_entry->addr); - } - - /* Parse the whole range */ - for (addr_ip = ip; - ((addr_ip >> 24) & 0xFF) <= vsg_entry->range; - addr_ip += 0x01000000) { - if (srule->af == AF_INET6) { - if (srule->user.netmask == 0xffffffff) - srule->user.netmask = 128; - srule->nf_addr.in6.s6_addr32[3] = addr_ip; - } else { - srule->nf_addr.ip = addr_ip; - } - srule->user.port = inet_sockaddrport(&vsg_entry->addr); - - ipvs_blklst_group_cmd(cmd, blklst_group, srule); - } - } + virtual_server_group_t *vsg = ipvs_get_group_by_name(vs->vsgname, vs_group); + virtual_server_group_entry_t *vsg_entry; + list l; + element e; + if (!vsg) + return; + + /* visit range list */ + l = vsg->addr_range; + LIST_FOREACH(l, vsg_entry, e) { + uint32_t addr_ip, ip; + + srule->af = vsg_entry->addr.ss_family; + if (srule->af == AF_INET6) { + inet_sockaddrip6(&vsg_entry->addr, &srule->nf_addr.in6); + ip = srule->nf_addr.in6.s6_addr32[3]; + } else { + ip = inet_sockaddrip4(&vsg_entry->addr); + } + + if (!vsg_entry->range) { + if (srule->af == AF_INET6) { + if (srule->user.netmask == 0xffffffff) + srule->user.netmask = 128; + srule->nf_addr.in6.s6_addr32[3] = ip; + } else { + srule->nf_addr.ip = ip; + } + srule->user.port = inet_sockaddrport(&vsg_entry->addr); + + ipvs_blklst_group_cmd(cmd, blklst_group, srule); + continue; + } + + /* Parse the whole range */ + for (addr_ip = ip; + ((addr_ip >> 24) & 0xFF) <= vsg_entry->range; + addr_ip += 0x01000000) { + if (srule->af == AF_INET6) { + if (srule->user.netmask == 0xffffffff) + srule->user.netmask = 128; + srule->nf_addr.in6.s6_addr32[3] = addr_ip; + } else { + srule->nf_addr.ip = addr_ip; + } + srule->user.port = inet_sockaddrport(&vsg_entry->addr); + + ipvs_blklst_group_cmd(cmd, blklst_group, srule); + } + } } static int ipvs_blklst_cmd(int cmd, ipvs_service_t *srule, virtual_server_t * vs) { - blklst_addr_group *blklst_group = ipvs_get_blklst_group_by_name(vs->blklst_addr_gname, - check_data->blklst_group); - if (!blklst_group) { - log_message(LOG_ERR, "No address in group %s", vs->blklst_addr_gname); - return IPVS_ERROR; - } - - memset(srule, 0, sizeof(ipvs_service_t)); - srule->user.netmask = (vs->addr.ss_family == AF_INET6) ? 128 : ((u_int32_t) 0xffffffff); - srule->user.protocol = vs->service_type; - - if(vs->vsgname) { - ipvs_blklst_vsg_cmd(cmd, check_data->vs_group, vs, blklst_group, srule); - } else { - if (!vs->vfwmark) { - srule->af = vs->addr.ss_family; - if (vs->addr.ss_family == AF_INET6) - inet_sockaddrip6(&vs->addr, &srule->nf_addr.in6); - else - srule->nf_addr.ip = inet_sockaddrip4(&vs->addr); - srule->user.port = inet_sockaddrport(&vs->addr); - ipvs_blklst_group_cmd(cmd, blklst_group, srule); - } - } - return IPVS_SUCCESS; + blklst_addr_group *blklst_group = ipvs_get_blklst_group_by_name(vs->blklst_addr_gname, + check_data->blklst_group); + if (!blklst_group) { + log_message(LOG_ERR, "No address in group %s", vs->blklst_addr_gname); + return -1; + } + + memset(srule, 0, sizeof(ipvs_service_t)); + srule->user.netmask = (vs->addr.ss_family == AF_INET6) ? 128 : ((u_int32_t) 0xffffffff); + srule->user.protocol = vs->service_type; + + if(vs->vsgname) { + ipvs_blklst_vsg_cmd(cmd, check_data->vs_group, vs, blklst_group, srule); + } else { + if (!vs->vfwmark) { + srule->af = vs->addr.ss_family; + if (vs->addr.ss_family == AF_INET6) + inet_sockaddrip6(&vs->addr, &srule->nf_addr.in6); + else + srule->nf_addr.ip = inet_sockaddrip4(&vs->addr); + srule->user.port = inet_sockaddrport(&vs->addr); + ipvs_blklst_group_cmd(cmd, blklst_group, srule); + } + } + return IPVS_SUCCESS; } /* Fill IPVS rule with root vs infos */ @@ -772,13 +735,14 @@ ipvs_set_srule(int cmd, ipvs_service_t *srule, virtual_server_t *vs) srule->user.protocol = vs->service_type; srule->user.bps = vs->bps; srule->user.limit_proportion = vs->limit_proportion; + srule->user.conn_timeout = vs->conn_timeout; snprintf(srule->user.srange, 256, "%s", vs->srange); snprintf(srule->user.drange, 256, "%s", vs->drange); snprintf(srule->user.iifname, IFNAMSIZ, "%s", vs->iifname); snprintf(srule->user.oifname, IFNAMSIZ, "%s", vs->oifname); if (vs->persistence_timeout && - (cmd == IP_VS_SO_SET_ADD || cmd == IP_VS_SO_SET_DEL)) { + (cmd == IP_VS_SO_SET_ADD || cmd == IP_VS_SO_SET_DEL)) { srule->user.timeout = vs->persistence_timeout; srule->user.flags |= IP_VS_SVC_F_PERSISTENT; @@ -794,7 +758,7 @@ ipvs_set_srule(int cmd, ipvs_service_t *srule, virtual_server_t *vs) if (vs->hash_target) { if ((srule->user.protocol != IPPROTO_UDP) && (vs->hash_target == IP_VS_SVC_F_QID_HASH)) { - ; // print error log + log_message(LOG_ERR, "vs hash_target IP_VS_SVC_F_QID_HASH cannot apply to non-UDP services"); } else { srule->user.flags |= vs->hash_target; } @@ -803,11 +767,6 @@ ipvs_set_srule(int cmd, ipvs_service_t *srule, virtual_server_t *vs) } } - if (cmd == IP_VS_SO_SET_ADDLADDR || cmd == IP_VS_SO_SET_DELLADDR) - ipvs_laddr_cmd(cmd, srule, vs); - if (cmd == IP_VS_SO_SET_ADDBLKLST || cmd == IP_VS_SO_SET_DELBLKLST) - ipvs_blklst_cmd(cmd, srule, vs); - #ifdef _HAVE_PE_NAME_ strcpy(srule->pe_name, vs->pe_name); #endif @@ -836,21 +795,28 @@ ipvs_set_drule(int cmd, ipvs_dest_t *drule, real_server_t * rs) drule->user.weight = rs->weight; drule->user.u_threshold = rs->u_threshold; drule->user.l_threshold = rs->l_threshold; +#ifdef _HAVE_IPVS_TUN_TYPE_ + drule->tun_type = rs->tun_type; + drule->tun_port = rs->tun_port; +#ifdef _HAVE_IPVS_TUN_CSUM_ + drule->tun_flags = rs->tun_flags; +#endif +#endif } int ipvs_tunnel_cmd(int cmd, tunnel_entry *entry) { ipvs_tunnel_t tunnel_rule; - memset(&tunnel_rule, 0, sizeof(ipvs_tunnel_t)); - strncpy(tunnel_rule.ifname, entry->ifname, sizeof(tunnel_rule.ifname)); - strncpy(tunnel_rule.kind, entry->kind, sizeof(tunnel_rule.kind)); - strncpy(tunnel_rule.link, entry->link, sizeof(tunnel_rule.link)); + memset(&tunnel_rule, 0, sizeof(ipvs_tunnel_t)); + strncpy(tunnel_rule.ifname, entry->ifname, sizeof(tunnel_rule.ifname)); + strncpy(tunnel_rule.kind, entry->kind, sizeof(tunnel_rule.kind)); + strncpy(tunnel_rule.link, entry->link, sizeof(tunnel_rule.link)); - tunnel_rule.laddr.ip = inet_sockaddrip4(&entry->local); - tunnel_rule.laddr.ip = inet_sockaddrip4(&entry->remote); - ipvs_talk(cmd, NULL, NULL, NULL, NULL, NULL, &tunnel_rule, false); + tunnel_rule.laddr.ip = inet_sockaddrip4(&entry->local); + tunnel_rule.raddr.ip = inet_sockaddrip4(&entry->remote); + ipvs_talk(cmd, NULL, NULL, NULL, NULL, NULL, &tunnel_rule, false); - return IPVS_SUCCESS; + return IPVS_SUCCESS; } /* Set/Remove a RS from a VS */ @@ -864,9 +830,9 @@ ipvs_cmd(int cmd, virtual_server_t *vs, real_server_t *rs) ipvs_set_srule(cmd, &srule, vs); /* Set/Remove local address */ - if (cmd == IP_VS_SO_SET_ADDLADDR || cmd == IP_VS_SO_SET_DELLADDR) + if (cmd == IP_VS_SO_SET_ADDLADDR || cmd == IP_VS_SO_SET_DELLADDR) return ipvs_laddr_cmd(cmd, &srule, vs); - /* Set/Remove deny address */ + /* Set/Remove deny address */ if (cmd == IP_VS_SO_SET_ADDBLKLST || cmd == IP_VS_SO_SET_DELBLKLST) return ipvs_blklst_cmd(cmd, &srule, vs); @@ -901,13 +867,18 @@ ipvs_cmd(int cmd, virtual_server_t *vs, real_server_t *rs) srule.af = vs->addr.ss_family; srule.nf_addr.ip = 0; srule.user.port = inet_sockaddrport(&vs->addr); + srule.user.flags |= IP_VS_SVC_F_MATCH; + /* srule.af should be set in ipvs_set_srule */ + //if (!srule.af) + // srule.af = vs->af; } else { if (vs->af == AF_INET6) inet_sockaddrip6(&vs->addr, &srule.nf_addr.in6); else srule.nf_addr.ip = inet_sockaddrip4(&vs->addr); srule.user.port = inet_sockaddrport(&vs->addr); - srule.af = vs->af; + /* srule.af should be set in ipvs_set_srule */ + //srule.af = vs->af; } /* Talk to the IPVS channel */ @@ -961,46 +932,11 @@ ipvs_rm_lentry_from_vsg(local_addr_entry *laddr_entry, virtual_server_t *vs) ipvs_set_srule(IP_VS_SO_SET_DELLADDR, &srule, vs); vsg = ipvs_get_group_by_name(vs->vsgname, check_data->vs_group); - if (!vsg) return; - - l = vsg->addr_ip; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - vsg_entry = ELEMENT_DATA(e); - srule.af = vsg_entry->addr.ss_family; - if (vsg_entry->addr.ss_family == AF_INET6) { - srule.user.netmask = 128; - inet_sockaddrip6(&vsg_entry->addr, &srule.nf_addr.in6); - } else { - srule.user.netmask = 0xffffffff; - srule.nf_addr.ip = inet_sockaddrip4(&vsg_entry->addr); - } - srule.user.port = inet_sockaddrport(&vsg_entry->addr); - - if (laddr_entry->range) - ipvs_laddr_range_cmd(IP_VS_SO_SET_DELLADDR, laddr_entry, vs); - else { - memset(&laddr_rule, 0, sizeof(ipvs_laddr_t)); - laddr_rule.af = laddr_entry->addr.ss_family; - if (laddr_entry->addr.ss_family == AF_INET6) - inet_sockaddrip6(&laddr_entry->addr, &laddr_rule.addr.in6); - else - laddr_rule.addr.ip = inet_sockaddrip4(&laddr_entry->addr); - strncpy(laddr_rule.ifname, laddr_entry->ifname, sizeof(laddr_rule.ifname)); - - ipvs_talk(IP_VS_SO_SET_DELLADDR, - &srule, - NULL/*drule*/, - NULL/*daemonrule*/, - &laddr_rule, - NULL/*blklst_rule*/, - NULL, - false); - } - } + if (!vsg) + return; l = vsg->addr_range; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - vsg_entry = ELEMENT_DATA(e); + LIST_FOREACH(l, vsg_entry, e) { uint32_t addr_ip, ip; srule.af = vsg_entry->addr.ss_family; @@ -1013,16 +949,45 @@ ipvs_rm_lentry_from_vsg(local_addr_entry *laddr_entry, virtual_server_t *vs) ip = inet_sockaddrip4(&vsg_entry->addr); } + if (!vsg_entry->range) { + if (srule.af == AF_INET6) + srule.nf_addr.in6.s6_addr32[3] = ip; + else + srule.nf_addr.ip = ip; + + if (laddr_entry->range) + ipvs_laddr_range_cmd(IP_VS_SO_SET_DELLADDR, laddr_entry, vs, &srule); + else { + memset(&laddr_rule, 0, sizeof(ipvs_laddr_t)); + laddr_rule.af = laddr_entry->addr.ss_family; + if (laddr_entry->addr.ss_family == AF_INET6) + inet_sockaddrip6(&laddr_entry->addr, &laddr_rule.addr.in6); + else + laddr_rule.addr.ip = inet_sockaddrip4(&laddr_entry->addr); + strncpy(laddr_rule.ifname, laddr_entry->ifname, sizeof(laddr_rule.ifname)); + + ipvs_talk(IP_VS_SO_SET_DELLADDR, + &srule, + NULL/*drule*/, + NULL/*daemonrule*/, + &laddr_rule, + NULL/*blklst_rule*/, + NULL, + false); + } + continue; + } + for (addr_ip = ip; - ((addr_ip >> 24) & 0xFF) <= vsg_entry->range; - addr_ip += 0x01000000) { + ((addr_ip >> 24) & 0xFF) <= vsg_entry->range; + addr_ip += 0x01000000) { if (srule.af == AF_INET6) srule.nf_addr.in6.s6_addr32[3] = addr_ip; else srule.nf_addr.ip = addr_ip; if (laddr_entry->range) - ipvs_laddr_range_cmd(IP_VS_SO_SET_DELLADDR, laddr_entry, vs); + ipvs_laddr_range_cmd(IP_VS_SO_SET_DELLADDR, laddr_entry, vs, &srule); else { memset(&laddr_rule, 0, sizeof(ipvs_laddr_t)); laddr_rule.af = laddr_entry->addr.ss_family; @@ -1068,7 +1033,7 @@ ipvs_laddr_remove_entry(virtual_server_t *vs, local_addr_entry *laddr_entry) srule.user.port = inet_sockaddrport(&vs->addr); if (laddr_entry->range) { - ipvs_laddr_range_cmd(IP_VS_SO_SET_DELLADDR, laddr_entry, vs); + ipvs_laddr_range_cmd(IP_VS_SO_SET_DELLADDR, laddr_entry, vs, &srule); } else { memset(&laddr_rule, 0, sizeof(ipvs_laddr_t)); laddr_rule.af = laddr_entry->addr.ss_family; @@ -1097,36 +1062,8 @@ ipvs_rm_bentry_from_vsg(blklst_addr_entry *blklst_entry, const char *vsgname, ip vsg = ipvs_get_group_by_name(vsgname, check_data->vs_group); if (!vsg) return; - l = vsg->addr_ip; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - vsg_entry = ELEMENT_DATA(e); - srule->af = vsg_entry->addr.ss_family; - if (vsg_entry->addr.ss_family == AF_INET6) { - srule->user.netmask = 128; - inet_sockaddrip6(&vsg_entry->addr, &srule->nf_addr.in6); - } else { - srule->user.netmask = 0xffffffff; - srule->nf_addr.ip = inet_sockaddrip4(&vsg_entry->addr); - } - srule->user.port = inet_sockaddrport(&vsg_entry->addr); - - if (blklst_entry->range) - ipvs_blklst_range_cmd(IP_VS_SO_SET_DELBLKLST, blklst_entry, srule); - else { - memset(&blklst_rule, 0, sizeof(ipvs_blklst_t)); - blklst_rule.af = blklst_entry->addr.ss_family; - if (blklst_entry->addr.ss_family == AF_INET6) - inet_sockaddrip6(&blklst_entry->addr, &blklst_rule.addr.in6); - else - blklst_rule.addr.ip = inet_sockaddrip4(&blklst_entry->addr); - - ipvs_talk(IP_VS_SO_SET_DELBLKLST, srule, NULL, NULL, NULL, &blklst_rule, NULL, false); - } - } - l = vsg->addr_range; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - vsg_entry = ELEMENT_DATA(e); + LIST_FOREACH(l, vsg_entry, e) { uint32_t addr_ip, ip; srule->af = vsg_entry->addr.ss_family; @@ -1139,6 +1076,26 @@ ipvs_rm_bentry_from_vsg(blklst_addr_entry *blklst_entry, const char *vsgname, ip ip = inet_sockaddrip4(&vsg_entry->addr); } + if (!vsg_entry->range) { + if (srule->af == AF_INET6) + srule->nf_addr.in6.s6_addr32[3] = ip; + else + srule->nf_addr.ip = ip; + + if (blklst_entry->range) + ipvs_blklst_range_cmd(IP_VS_SO_SET_DELBLKLST, blklst_entry, srule); + else { + memset(&blklst_rule, 0, sizeof(ipvs_blklst_t)); + blklst_rule.af = blklst_entry->addr.ss_family; + if (blklst_entry->addr.ss_family == AF_INET6) + inet_sockaddrip6(&blklst_entry->addr, &blklst_rule.addr.in6); + else + blklst_rule.addr.ip = inet_sockaddrip4(&blklst_entry->addr); + ipvs_talk(IP_VS_SO_SET_DELBLKLST, srule, NULL, NULL, NULL, &blklst_rule, NULL, false); + } + continue; + } + for (addr_ip = ip; ((addr_ip >> 24) & 0xFF) <= vsg_entry->range; addr_ip += 0x01000000) { @@ -1154,7 +1111,7 @@ ipvs_rm_bentry_from_vsg(blklst_addr_entry *blklst_entry, const char *vsgname, ip blklst_rule.af = blklst_entry->addr.ss_family; if (blklst_entry->addr.ss_family == AF_INET6) inet_sockaddrip6(&blklst_entry->addr, &blklst_rule.addr.in6); - else + else blklst_rule.addr.ip = inet_sockaddrip4(&blklst_entry->addr); ipvs_talk(IP_VS_SO_SET_DELBLKLST, srule, NULL, NULL, NULL, &blklst_rule, NULL, false); diff --git a/tools/keepalived/keepalived/check/ipwrapper.c b/tools/keepalived/keepalived/check/ipwrapper.c old mode 100755 new mode 100644 index a83ec7450..a2cc2224c --- a/tools/keepalived/keepalived/check/ipwrapper.c +++ b/tools/keepalived/keepalived/check/ipwrapper.c @@ -37,32 +37,6 @@ #include "smtp.h" #include "check_daemon.h" -static bool __attribute((pure)) -vs_iseq(const virtual_server_t *vs_a, const virtual_server_t *vs_b) -{ - if (!vs_a->vsgname != !vs_b->vsgname) - return false; - - if (vs_a->vsgname) { - /* Should we check the vsg entries match? */ - if (inet_sockaddrport(&vs_a->addr) != inet_sockaddrport(&vs_b->addr)) - return false; - - return !strcmp(vs_a->vsgname, vs_b->vsgname); - } else if (vs_a->af != vs_b->af) - return false; - else if (vs_a->vfwmark) { - if (vs_a->vfwmark != vs_b->vfwmark) - return false; - } else { - if (vs_a->service_type != vs_b->service_type || - !sockstorage_equal(&vs_a->addr, &vs_b->addr)) - return false; - } - - return true; -} - static bool __attribute((pure)) vsge_iseq(const virtual_server_group_entry_t *vsge_a, const virtual_server_group_entry_t *vsge_b) { @@ -236,10 +210,12 @@ clear_service_rs(virtual_server_t * vs, list l, bool stopping) LIST_FOREACH(l, rs, e) { if (rs->set || stopping) - log_message(LOG_INFO, "%s %sservice %s from VS %s", + log_message(LOG_INFO, "%s %sservice %s (%s,%s) from VS %s", stopping ? "Shutting down" : "Removing", rs->inhibit && !rs->alive ? "(inhibited) " : "", FMT_RS(rs, vs), + rs->set ? "set" : "unset", + rs->alive ? "alive" : "dead", FMT_VS(vs)); if (!rs->set) @@ -391,8 +367,7 @@ static int init_tunnel_group(tunnel_group* group) tunnel_entry* entry; l = group->tunnel_entry; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - entry = ELEMENT_DATA(e); + LIST_FOREACH(l, entry, e) { if (!init_tunnel_entry(entry)) { log_message(LOG_ERR, "%s create tunnel %s error.", __FUNCTION__, entry->ifname); return IPVS_ERROR; @@ -411,8 +386,7 @@ int init_tunnel(void) if (LIST_ISEMPTY(l)) return IPVS_SUCCESS; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - entry = ELEMENT_DATA(e); + LIST_FOREACH(l, entry, e) { if (!init_tunnel_group(entry)) { log_message(LOG_ERR, "%s create tunnel group %s error.", __FUNCTION__, entry->gname); return IPVS_ERROR; @@ -453,8 +427,6 @@ sync_service_vsg(virtual_server_t * vs) } } - - /* add or remove _alive_ real servers from a virtual server */ static void perform_quorum_state(virtual_server_t *vs, bool add) @@ -614,15 +586,17 @@ init_service_vs(virtual_server_t * vs) } /*Set local ip address in "FNAT" mode of IPVS */ - if ((vs->forwarding_method == IP_VS_CONN_F_FULLNAT) && vs->local_addr_gname) { + if (vs->local_addr_gname && + (vs->forwarding_method == IP_VS_CONN_F_FULLNAT || + vs->forwarding_method == IP_VS_CONN_F_SNAT)) { if (!ipvs_cmd(LVS_CMD_ADD_LADDR, vs, NULL)) - return 0; + return 0; } - if ((vs->forwarding_method == IP_VS_CONN_F_FULLNAT) && vs->blklst_addr_gname) { - if (!ipvs_cmd(LVS_CMD_ADD_BLKLST, vs, NULL)) - return 0; - } + if (vs->blklst_addr_gname) { + if (!ipvs_cmd(LVS_CMD_ADD_BLKLST, vs, NULL)) + return 0; + } /* Processing real server queue */ if (!init_service_rs(vs)) @@ -838,7 +812,7 @@ vs_exist(virtual_server_t * old_vs) virtual_server_t *vs; LIST_FOREACH(check_data->vs, vs, e) { - if (vs_iseq(old_vs, vs)) + if (VS_ISEQ(old_vs, vs)) return vs; } @@ -1039,8 +1013,7 @@ laddr_entry_exist(local_addr_entry *laddr_entry, list l) element e; local_addr_entry *entry; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - entry = ELEMENT_DATA(e); + LIST_FOREACH(l, entry, e) { if (sockstorage_equal(&entry->addr, &laddr_entry->addr) && (entry->range == laddr_entry->range) && !strcmp(entry->ifname, laddr_entry->ifname)) @@ -1056,8 +1029,7 @@ clear_diff_laddr_entry(list old, list new, virtual_server_t * old_vs) element e; local_addr_entry *laddr_entry; - for (e = LIST_HEAD(old); e; ELEMENT_NEXT(e)) { - laddr_entry = ELEMENT_DATA(e); + LIST_FOREACH(old, laddr_entry, e) { if (!laddr_entry_exist(laddr_entry, new)) { log_message(LOG_INFO, "VS [%s-%d] in local address group %s no longer exist\n" , inet_sockaddrtos(&laddr_entry->addr) @@ -1105,67 +1077,65 @@ clear_diff_laddr(virtual_server_t * old_vs) static int __attribute((pure)) blklst_entry_exist(blklst_addr_entry *blklst_entry, list l) { - element e; - blklst_addr_entry *entry; - - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - entry = ELEMENT_DATA(e); - if (sockstorage_equal(&entry->addr, &blklst_entry->addr) && - entry->range == blklst_entry->range) - return 1; - } - return 0; + element e; + blklst_addr_entry *entry; + + LIST_FOREACH(l, entry, e) { + if (sockstorage_equal(&entry->addr, &blklst_entry->addr) && + entry->range == blklst_entry->range) + return 1; + } + return 0; } /* Clear the diff blklst address entry of the old vs */ static int clear_diff_blklst_entry(list old, list new, virtual_server_t * old_vs) { - element e; - blklst_addr_entry *blklst_entry; - - for (e = LIST_HEAD(old); e; ELEMENT_NEXT(e)) { - blklst_entry = ELEMENT_DATA(e); - if (!blklst_entry_exist(blklst_entry, new)) { - log_message(LOG_INFO, "VS [%s-%d] in blacklist address group %s no longer exist\n" - , inet_sockaddrtos(&blklst_entry->addr) - , blklst_entry->range - , old_vs->blklst_addr_gname); - - if (!ipvs_blklst_remove_entry(old_vs, blklst_entry)) - return 0; - } - } - - return 1; + element e; + blklst_addr_entry *blklst_entry; + + LIST_FOREACH(old, blklst_entry, e) { + if (!blklst_entry_exist(blklst_entry, new)) { + log_message(LOG_INFO, "VS [%s-%d] in blacklist address group %s no longer exist\n" + , inet_sockaddrtos(&blklst_entry->addr) + , blklst_entry->range + , old_vs->blklst_addr_gname); + + if (!ipvs_blklst_remove_entry(old_vs, blklst_entry)) + return 0; + } + } + + return 1; } /* Clear the diff blacklist address of the old vs */ static int clear_diff_blklst(virtual_server_t * old_vs) { - blklst_addr_group *old; - blklst_addr_group *new; - - /* - * If old vs didn't own blacklist address group, - * then do nothing and return - */ - if (!old_vs->blklst_addr_gname) - return 1; - - /* Fetch blacklist address group */ - old = ipvs_get_blklst_group_by_name(old_vs->blklst_addr_gname, - old_check_data->blklst_group); - new = ipvs_get_blklst_group_by_name(old_vs->blklst_addr_gname, - check_data->blklst_group); - - if (!clear_diff_blklst_entry(old->addr_ip, new->addr_ip, old_vs)) - return 0; - if (!clear_diff_blklst_entry(old->range, new->range, old_vs)) - return 0; - - return 1; + blklst_addr_group *old; + blklst_addr_group *new; + + /* + * If old vs didn't own blacklist address group, + * then do nothing and return + */ + if (!old_vs->blklst_addr_gname) + return 1; + + /* Fetch blacklist address group */ + old = ipvs_get_blklst_group_by_name(old_vs->blklst_addr_gname, + old_check_data->blklst_group); + new = ipvs_get_blklst_group_by_name(old_vs->blklst_addr_gname, + check_data->blklst_group); + + if (!clear_diff_blklst_entry(old->addr_ip, new->addr_ip, old_vs)) + return 0; + if (!clear_diff_blklst_entry(old->range, new->range, old_vs)) + return 0; + + return 1; } /* When reloading configuration, remove negative diff entries */ @@ -1221,9 +1191,9 @@ clear_diff_services(list old_checkers_queue) /* perform local address diff */ if (!clear_diff_laddr(vs)) return; - /* perform blacklist address diff */ - if (!clear_diff_blklst(vs)) - return; + /* perform blacklist address diff */ + if (!clear_diff_blklst(vs)) + return; } } } @@ -1288,8 +1258,13 @@ link_vsg_to_vs(void) vsg_af = AF_UNSPEC; } + /* vs configured with virtual_server_group */ + if (vs->af == AF_UNSPEC) + vs->af = vsg_af; + if (vsg_af != AF_UNSPEC && vsg_af != vs->af) { - log_message(LOG_INFO, "Virtual server group %s address family doesn't match virtual server %s - ignoring", vs->vsgname, FMT_VS(vs)); + log_message(LOG_INFO, "Virtual server group %s address family doesn't match virtual server %s - ignoring, vsg_af=%d, vs->af=%d", + vs->vsgname, FMT_VS(vs), vsg_af, vs->af); free_vs_checkers(vs); free_list_element(check_data->vs, e); } @@ -1322,8 +1297,7 @@ get_tunnel_group_by_name(char *gname, list l) if (LIST_ISEMPTY(l)) return NULL; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - group = ELEMENT_DATA(e); + LIST_FOREACH(l, group, e) { if (!strcmp(group->gname, gname)) return group; } @@ -1338,8 +1312,7 @@ tunnel_entry_exist(tunnel_entry* old_entry, tunnel_group* new_group) tunnel_entry* new_entry; list l = new_group->tunnel_entry; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - new_entry = ELEMENT_DATA(e); + LIST_FOREACH(l, new_entry, e) { if (!strcmp(old_entry->ifname, new_entry->ifname) && !strcmp(old_entry->link, new_entry->link) && !strcmp(old_entry->kind, new_entry->kind) && @@ -1368,8 +1341,7 @@ clear_tunnel_group(tunnel_group* group) if (LIST_ISEMPTY(l)) return IPVS_SUCCESS; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - entry = ELEMENT_DATA(e); + LIST_FOREACH(l, entry, e) { if (!clear_tunnel_entry(entry)) { log_message(LOG_ERR, "%s clear tunnel %s error.", __FUNCTION__, entry->ifname); return IPVS_ERROR; @@ -1392,8 +1364,7 @@ clear_diff_tunnel_group(tunnel_group* old_group, tunnel_group* new_group) if (LIST_ISEMPTY(new_group->tunnel_entry)) return clear_tunnel_group(old_group); - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - entry = ELEMENT_DATA(e); + LIST_FOREACH(l, entry, e) { if (!tunnel_entry_exist(entry, new_group)) clear_tunnel_entry(entry); } @@ -1405,15 +1376,14 @@ int clear_diff_tunnel(void) { element e; tunnel_group *group; - tunnel_group* new_group; + tunnel_group *new_group; list l = old_check_data->tunnel_group; /* If old config didn't own tunnel then nothing return */ if (LIST_ISEMPTY(l)) return IPVS_SUCCESS; - for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) { - group = ELEMENT_DATA(e); + LIST_FOREACH(l, group, e) { new_group = get_tunnel_group_by_name(group->gname, check_data->tunnel_group); if (new_group) { clear_diff_tunnel_group(group, new_group); diff --git a/tools/keepalived/keepalived/check/libipvs.c b/tools/keepalived/keepalived/check/libipvs.c index c3af1760a..57aa81f48 100644 --- a/tools/keepalived/keepalived/check/libipvs.c +++ b/tools/keepalived/keepalived/check/libipvs.c @@ -26,24 +26,6 @@ #include #include -#ifdef LIBIPVS_USE_NL -#include -#include -#include - -#ifdef _HAVE_LIBNL1_ -#define nl_sock nl_handle -#ifndef _LIBNL_DYNAMIC_ -#define nl_socket_alloc nl_handle_alloc -#define nl_socket_free nl_handle_destroy -#endif // _LIBNL_DYNAMIC_ -#endif // _HAVE_LIBNL1_ - -#ifdef _LIBNL_DYNAMIC_ -#include "libnl_link.h" -#endif // _LIBNL_DYNAMIC_ -#endif // LIBIPVS_USE_NL - #include "libipvs.h" #include "sockopt.h" #include "dp_vs.h" @@ -56,142 +38,10 @@ #include "ip_vs.h" typedef int (*qsort_cmp_t)(const void *, const void *); -typedef struct ipvs_servicedest_s { - struct ip_vs_service_app svc; - struct ip_vs_dest_user dest; -} ipvs_servicedest_t; - -typedef struct ipvs_serviceladdr_s { - struct ip_vs_service_kern svc; - struct ip_vs_laddr_kern laddr; -} ipvs_serviceladdr_t; static int sockfd = -1; static void* ipvs_func = NULL; - -#ifdef LIBIPVS_USE_NL -//static struct nl_sock *sock = NULL; -//static int family; -//static bool try_nl = true; - -/* Policy definitions */ -#ifdef _WITH_SNMP_CHECKER_ -static struct nla_policy ipvs_cmd_policy[IPVS_CMD_ATTR_MAX + 1] = { - [IPVS_CMD_ATTR_SERVICE] = { .type = NLA_NESTED }, - [IPVS_CMD_ATTR_DEST] = { .type = NLA_NESTED }, - [IPVS_CMD_ATTR_DAEMON] = { .type = NLA_NESTED }, - [IPVS_CMD_ATTR_TIMEOUT_TCP] = { .type = NLA_U32 }, - [IPVS_CMD_ATTR_TIMEOUT_TCP_FIN] = { .type = NLA_U32 }, - [IPVS_CMD_ATTR_TIMEOUT_UDP] = { .type = NLA_U32 }, - [IPVS_CMD_ATTR_LADDR] = { .type = NLA_NESTED }, -}; - -static struct nla_policy ipvs_service_policy[IPVS_SVC_ATTR_MAX + 1] = { - [IPVS_SVC_ATTR_AF] = { .type = NLA_U16 }, - [IPVS_SVC_ATTR_PROTOCOL] = { .type = NLA_U16 }, - [IPVS_SVC_ATTR_ADDR] = { .type = NLA_UNSPEC, - .maxlen = sizeof(struct in6_addr) }, - [IPVS_SVC_ATTR_PORT] = { .type = NLA_U16 }, - [IPVS_SVC_ATTR_FWMARK] = { .type = NLA_U32 }, - [IPVS_SVC_ATTR_SCHED_NAME] = { .type = NLA_STRING, - .maxlen = IP_VS_SCHEDNAME_MAXLEN }, - [IPVS_SVC_ATTR_FLAGS] = { .type = NLA_UNSPEC, - .minlen = sizeof(struct ip_vs_flags), - .maxlen = sizeof(struct ip_vs_flags) }, - [IPVS_SVC_ATTR_TIMEOUT] = { .type = NLA_U32 }, - [IPVS_SVC_ATTR_NETMASK] = { .type = NLA_U32 }, - [IPVS_SVC_ATTR_STATS] = { .type = NLA_NESTED }, -#ifdef _HAVE_PE_NAME_ - [IPVS_SVC_ATTR_PE_NAME] = { .type = NLA_STRING, - .maxlen = IP_VS_PENAME_MAXLEN }, -#endif // _HAVE_PE_NAME -#ifdef _WITH_LVS_64BIT_STATS_ - [IPVS_SVC_ATTR_STATS64] = { .type = NLA_NESTED }, -#endif // _WITH_LVS_64BIT_STATS_ - [IPVS_SVC_ATTR_BPS] = { .type = NLA_U32}, -}; - -static struct nla_policy ipvs_dest_policy[IPVS_DEST_ATTR_MAX + 1] = { - [IPVS_DEST_ATTR_ADDR] = { .type = NLA_UNSPEC, - .maxlen = sizeof(struct in6_addr) }, - [IPVS_DEST_ATTR_PORT] = { .type = NLA_U16 }, - [IPVS_DEST_ATTR_FWD_METHOD] = { .type = NLA_U32 }, - [IPVS_DEST_ATTR_WEIGHT] = { .type = NLA_U32 }, - [IPVS_DEST_ATTR_U_THRESH] = { .type = NLA_U32 }, - [IPVS_DEST_ATTR_L_THRESH] = { .type = NLA_U32 }, - [IPVS_DEST_ATTR_ACTIVE_CONNS] = { .type = NLA_U32 }, - [IPVS_DEST_ATTR_INACT_CONNS] = { .type = NLA_U32 }, - [IPVS_DEST_ATTR_PERSIST_CONNS] = { .type = NLA_U32 }, - [IPVS_DEST_ATTR_STATS] = { .type = NLA_NESTED }, -#if HAVE_DECL_IPVS_DEST_ATTR_ADDR_FAMILY - [IPVS_DEST_ATTR_ADDR_FAMILY] = { .type = NLA_U16 }, -#endif // HAVE_DECL_IPVS_DEST_ATTR_ADDR_FAMILY -#ifdef _WITH_LVS_64BIT_STATS_ - [IPVS_DEST_ATTR_STATS64] = {.type = NLA_NESTED }, -#endif //_WITH_LVS_64BIT_STATS_ -}; - -struct nla_policy ipvs_laddr_policy[IPVS_LADDR_ATTR_MAX + 1] = { - [IPVS_LADDR_ATTR_ADDR] = { .type = NLA_UNSPEC, - .maxlen = sizeof(struct in6_addr) }, - [IPVS_LADDR_ATTR_PORT_CONFLICT] = { .type = NLA_U64 }, - [IPVS_LADDR_ATTR_CONN_COUNTS] = { .type = NLA_U32 }, -}; - -#ifdef _WITH_LVS_64BIT_STATS_ -static struct nla_policy ipvs_stats64_policy[IPVS_STATS_ATTR_MAX + 1] = { - [IPVS_STATS_ATTR_CONNS] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_INPKTS] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_OUTPKTS] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_INBYTES] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_OUTBYTES] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_CPS] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_INPPS] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_OUTPPS] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_INBPS] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_OUTBPS] = { .type = NLA_U64 }, -}; -#endif // _WITH_LVS_64BIT_STATS_ - -static struct nla_policy ipvs_stats_policy[IPVS_STATS_ATTR_MAX + 1] = { - [IPVS_STATS_ATTR_CONNS] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_INPKTS] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_OUTPKTS] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_INBYTES] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_OUTBYTES] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_CPS] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_INPPS] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_OUTPPS] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_INBPS] = { .type = NLA_U64 }, - [IPVS_STATS_ATTR_OUTBPS] = { .type = NLA_U64 }, -}; -#endif /* _WITH_SNMP_CHECKER_ */ - -#if 0 -static struct nla_policy ipvs_info_policy[IPVS_INFO_ATTR_MAX + 1] = { - [IPVS_INFO_ATTR_VERSION] = { .type = NLA_U32 }, - [IPVS_INFO_ATTR_CONN_TAB_SIZE] = { .type = NLA_U32 }, -}; -#endif -#endif // LIBIPVS_USE_NL - - -#ifdef LIBIPVS_USE_NL -#ifndef NLA_PUT_S32 -#define NLA_PUT_S32(msg, attrtype, value) \ - NLA_PUT_TYPE(msg, int32_t, attrtype, value) - -static inline int32_t -nla_get_s32(struct nlattr *attr) -{ - return (int32_t)nla_get_u32(attr); -} -#endif // NLA_PUT_S32 -#endif // LIBIPVS_USE_NL - - -/* ipv6 support */ typedef struct dpvs_servicedest_s { struct dp_vs_service_user svc; struct dp_vs_dest_user dest; @@ -199,7 +49,7 @@ typedef struct dpvs_servicedest_s { typedef struct dp_vs_service_entry_app { struct dp_vs_service_entry user; -}dpvs_service_entry_t; +} dpvs_service_entry_t; // IPVS_2_DPVS(dp_vs_service_user, ip_vs_service_app/ipvs_service_t) #define IPVS_2_DPVS(X, Y) { \ @@ -265,7 +115,26 @@ typedef struct dp_vs_service_entry_app { X->user.persistconns = Y->persistconns; \ memcpy(&X->stats, &Y->stats, sizeof(X->stats));} -void ipvs_service_entry_2_user(const ipvs_service_entry_t *entry, ipvs_service_t *user); +static void ipvs_service_entry_2_user(const ipvs_service_entry_t *entry, ipvs_service_t *rule) +{ + rule->user.protocol = entry->user.protocol; + rule->user.__addr_v4 = entry->user.__addr_v4; + rule->user.port = entry->user.port; + rule->user.fwmark = entry->user.fwmark; + strcpy(rule->user.sched_name, entry->user.sched_name); + rule->user.flags = entry->user.flags; + rule->user.timeout = entry->user.timeout; + rule->user.conn_timeout = entry->user.conn_timeout; + rule->user.netmask = entry->user.netmask; + rule->af = entry->af; + rule->nf_addr = entry->nf_addr; + strcpy(rule->pe_name, entry->pe_name); + strcpy(rule->user.srange, entry->user.srange); + strcpy(rule->user.drange, entry->user.drange); + strcpy(rule->user.iifname, entry->user.iifname); + strcpy(rule->user.iifname, entry->user.iifname); +} + struct ip_vs_getinfo g_ipvs_info; int ipvs_init(lcoreid_t cid) @@ -282,7 +151,8 @@ int ipvs_init(lcoreid_t cid) return -1; } #endif - len_rcv = len = sizeof(g_ipvs_info); + len = sizeof(g_ipvs_info); + len_rcv = len; if (dpvs_getsockopt(DPVS_SO_GET_INFO, (const void*)&g_ipvs_info, len, (void **)&ipvs_info_rcv, &len_rcv)) { return -1; @@ -311,7 +181,6 @@ int ipvs_add_service(ipvs_service_t *svc) return dpvs_setsockopt(DPVS_SO_SET_ADD, &dpvs_svc, sizeof(dpvs_svc)); } - int ipvs_update_service(ipvs_service_t *svc) { struct dp_vs_service_user dpvs_svc; @@ -320,7 +189,7 @@ int ipvs_update_service(ipvs_service_t *svc) IPVS_2_DPVS((&dpvs_svc), svc); - return dpvs_setsockopt(DPVS_SO_SET_ADD, &dpvs_svc, sizeof(dpvs_svc)); + return dpvs_setsockopt(DPVS_SO_SET_EDIT, &dpvs_svc, sizeof(dpvs_svc)); } int ipvs_update_service_by_options(ipvs_service_t *svc, unsigned int options) @@ -330,77 +199,66 @@ int ipvs_update_service_by_options(ipvs_service_t *svc, unsigned int options) if (!(entry = ipvs_get_service(svc, 0))) { fprintf(stderr, "%s\n", ipvs_strerror(errno)); - exit(1); + return ESOCKOPT_INVAL; } ipvs_service_entry_2_user(entry, &app); - if( options & OPT_SCHEDULER ) { + if (options & OPT_SCHEDULER) { strcpy(app.user.sched_name, svc->user.sched_name); if (strcmp(svc->user.sched_name, "conhash")) { app.user.flags &= ~IP_VS_SVC_F_QID_HASH; app.user.flags &= ~IP_VS_SVC_F_SIP_HASH; - } - else { + } else { app.user.flags |= IP_VS_SVC_F_SIP_HASH; } } - if( options & OPT_PERSISTENT ) { + if (options & OPT_PERSISTENT) { app.user.flags |= IP_VS_SVC_F_PERSISTENT; app.user.timeout = svc->user.timeout; } - if( options & OPT_NETMASK ) { + if (options & OPT_NETMASK) { app.user.netmask = svc->user.netmask; } - if( options & OPT_SYNPROXY ) { - if( svc->user.flags & IP_VS_CONN_F_SYNPROXY ) { + if (options & OPT_SYNPROXY) { + if(svc->user.flags & IP_VS_CONN_F_SYNPROXY) { app.user.flags |= IP_VS_CONN_F_SYNPROXY; } else { app.user.flags &= ~IP_VS_CONN_F_SYNPROXY; } } - if( options & OPT_ONEPACKET ) { + if (options & OPT_ONEPACKET) { app.user.flags |= IP_VS_SVC_F_ONEPACKET; } - if( options & OPT_HASHTAG ) { - if ( svc->user.flags & IP_VS_SVC_F_SIP_HASH ) { - app.user.flags |= IP_VS_SVC_F_SIP_HASH; - } else if ( svc->user.flags & IP_VS_SVC_F_QID_HASH ) { - app.user.flags |= IP_VS_SVC_F_QID_HASH; - } else { - app.user.flags |= IP_VS_SVC_F_SIP_HASH; - } - } + if (options & OPT_HASHTAG) { + if (svc->user.flags & IP_VS_SVC_F_SIP_HASH) { + app.user.flags |= IP_VS_SVC_F_SIP_HASH; + } else if (svc->user.flags & IP_VS_SVC_F_QID_HASH) { + app.user.flags |= IP_VS_SVC_F_QID_HASH; + } else { + app.user.flags |= IP_VS_SVC_F_SIP_HASH; + } + } return ipvs_update_service(&app); } int ipvs_update_service_synproxy(ipvs_service_t *svc , int enable) { - ipvs_service_entry_t *entry; + unsigned int options = OPT_NONE; - if (!(entry = ipvs_get_service(svc, 0))) { - fprintf(stderr, "%s\n", ipvs_strerror(errno)); - exit(1); - } - - strcpy(svc->user.sched_name , entry->user.sched_name); - strcpy(svc->pe_name , entry->pe_name); - svc->user.flags = entry->user.flags; - svc->user.timeout = entry->user.timeout; - svc->user.conn_timeout = entry->user.conn_timeout; - svc->user.netmask = entry->user.netmask; - - if(enable) - svc->user.flags = svc->user.flags | IP_VS_CONN_F_SYNPROXY; + options |= OPT_SYNPROXY; + + if (enable) + svc->user.flags |= IP_VS_CONN_F_SYNPROXY; else - svc->user.flags = svc->user.flags & (~IP_VS_CONN_F_SYNPROXY); + svc->user.flags &= (~IP_VS_CONN_F_SYNPROXY); - return 0; + return ipvs_update_service_by_options(svc, options); } int ipvs_del_service(ipvs_service_t *svc) @@ -414,7 +272,6 @@ int ipvs_del_service(ipvs_service_t *svc) return dpvs_setsockopt(DPVS_SO_SET_DEL, &dpvs_svc, sizeof(dpvs_svc)); } - int ipvs_zero_service(ipvs_service_t *svc) { struct dp_vs_service_user dpvs_svc; @@ -440,7 +297,6 @@ int ipvs_add_dest(ipvs_service_t *svc, ipvs_dest_t *dest) return dpvs_setsockopt(DPVS_SO_SET_ADDDEST, &svcdest, sizeof(svcdest)); } - int ipvs_update_dest(ipvs_service_t *svc, ipvs_dest_t *dest) { dpvs_servicedest_t svcdest; @@ -455,7 +311,6 @@ int ipvs_update_dest(ipvs_service_t *svc, ipvs_dest_t *dest) return dpvs_setsockopt(DPVS_SO_SET_EDITDEST, &svcdest, sizeof(svcdest)); } - int ipvs_del_dest(ipvs_service_t *svc, ipvs_dest_t *dest) { dpvs_servicedest_t svcdest; @@ -499,6 +354,7 @@ static void ipvs_fill_ipaddr_conf(int is_add, uint32_t flags, ipvs_laddr_t *laddr, struct inet_addr_param *param) { memset(param, 0, sizeof(*param)); + if (is_add) param->ifa_ops = INET_ADDR_ADD; else @@ -515,14 +371,17 @@ static void ipvs_fill_ipaddr_conf(int is_add, uint32_t flags, param->ifa_entry.addr.in6 = laddr->addr.in6; } param->ifa_entry.flags |= IFA_F_SAPOOL; + return; } -int ipvs_add_laddr(ipvs_service_t *svc, ipvs_laddr_t * laddr) +int ipvs_add_laddr(ipvs_service_t *svc, ipvs_laddr_t *laddr) { struct dp_vs_laddr_conf conf; struct inet_addr_param param; + ipvs_func = ipvs_add_laddr; + ipvs_fill_laddr_conf(svc, laddr, &conf); ipvs_fill_ipaddr_conf(1, 0, laddr, ¶m); ipvs_set_ipaddr(¶m, 1); @@ -530,11 +389,13 @@ int ipvs_add_laddr(ipvs_service_t *svc, ipvs_laddr_t * laddr) return dpvs_setsockopt(SOCKOPT_SET_LADDR_ADD, &conf, sizeof(conf)); } -int ipvs_del_laddr(ipvs_service_t *svc, ipvs_laddr_t * laddr) +int ipvs_del_laddr(ipvs_service_t *svc, ipvs_laddr_t *laddr) { struct dp_vs_laddr_conf conf; struct inet_addr_param param; + ipvs_func = ipvs_del_laddr; + ipvs_fill_laddr_conf(svc, laddr, &conf); ipvs_fill_ipaddr_conf(0, 0, laddr, ¶m); ipvs_set_ipaddr(¶m, 0); @@ -566,22 +427,26 @@ int ipvs_add_blklst(ipvs_service_t *svc, ipvs_blklst_t *blklst) { struct dp_vs_blklst_conf conf; + ipvs_func = ipvs_add_blklst; + ipvs_fill_blklst_conf(svc, blklst, &conf); return dpvs_setsockopt(SOCKOPT_SET_BLKLST_ADD, &conf, sizeof(conf)); } -int ipvs_del_blklst(ipvs_service_t *svc, ipvs_blklst_t * blklst) +int ipvs_del_blklst(ipvs_service_t *svc, ipvs_blklst_t *blklst) { struct dp_vs_blklst_conf conf; + ipvs_func = ipvs_del_blklst; + ipvs_fill_blklst_conf(svc, blklst, &conf); return dpvs_setsockopt(SOCKOPT_SET_BLKLST_DEL, &conf, sizeof(conf)); } /* for tunnel entry */ -static void ipvs_fill_tunnel_conf(ipvs_tunnel_t* tunnel_entry, +static void ipvs_fill_tunnel_conf(ipvs_tunnel_t *tunnel_entry, struct ip_tunnel_param *conf) { memset(conf, 0, sizeof(*conf)); @@ -594,19 +459,25 @@ static void ipvs_fill_tunnel_conf(ipvs_tunnel_t* tunnel_entry, return; } -int ipvs_add_tunnel(ipvs_tunnel_t* tunnel_entry) +int ipvs_add_tunnel(ipvs_tunnel_t *tunnel_entry) { struct ip_tunnel_param conf; - ipvs_fill_tunnel_conf(tunnel_entry, &conf); + ipvs_func = ipvs_add_tunnel; + + ipvs_fill_tunnel_conf(tunnel_entry, &conf); + return dpvs_setsockopt(SOCKOPT_TUNNEL_ADD, &conf, sizeof(conf)); } -int ipvs_del_tunnel(ipvs_tunnel_t* tunnel_entry) +int ipvs_del_tunnel(ipvs_tunnel_t *tunnel_entry) { struct ip_tunnel_param conf; - ipvs_fill_tunnel_conf(tunnel_entry, &conf); + ipvs_func = ipvs_del_tunnel; + + ipvs_fill_tunnel_conf(tunnel_entry, &conf); + return dpvs_setsockopt(SOCKOPT_TUNNEL_DEL, &conf, sizeof(conf)); } @@ -618,7 +489,6 @@ int ipvs_set_timeout(ipvs_timeout_t *to) sizeof(*to)); } - int ipvs_start_daemon(ipvs_daemon_t *dm) { ipvs_func = ipvs_start_daemon; @@ -636,7 +506,7 @@ int ipvs_stop_daemon(ipvs_daemon_t *dm) (char *)&dm, sizeof(dm)); } -static inline sockoptid_t cpu2opt_svc(lcoreid_t cid, sockoptid_t old_opt) +static inline sockoptid_t cpu2opt_svc(lcoreid_t cid, sockoptid_t old_opt) { return old_opt + cid * (SOCKOPT_SVC_GET_CMD_MAX - SOCKOPT_SVC_BASE + 1); } @@ -656,6 +526,8 @@ struct ip_vs_get_services_app *ipvs_get_services(lcoreid_t cid) size_t len = 0, len_rcv = 0; unsigned int i; + ipvs_func = ipvs_get_services; + len = sizeof(struct ip_vs_get_services_app) + sizeof(ipvs_service_entry_t) * g_ipvs_info.num_services; if (!(get = calloc(len, 1))) @@ -668,14 +540,15 @@ struct ip_vs_get_services_app *ipvs_get_services(lcoreid_t cid) } dpvs_get->num_services = g_ipvs_info.num_services; dpvs_get->cid = cid; - if (dpvs_getsockopt(cpu2opt_svc(cid, DPVS_SO_GET_SERVICES), dpvs_get, len, (void **)&dpvs_get_rcv, &len_rcv)) { + if (dpvs_getsockopt(cpu2opt_svc(cid, DPVS_SO_GET_SERVICES), dpvs_get, len, + (void **)&dpvs_get_rcv, &len_rcv)) { free(get); free(dpvs_get); return NULL; } get->user.num_services = dpvs_get_rcv->num_services; - g_ipvs_info.num_services = dpvs_get_rcv->num_services; + g_ipvs_info.num_services = dpvs_get_rcv->num_services; for (i = 0; i < dpvs_get_rcv->num_services; i++) { ipvs_entry = &get->user.entrytable[i]; dpvs_entry = (dpvs_service_entry_t*)&dpvs_get_rcv->entrytable[i]; @@ -703,6 +576,8 @@ struct ip_vs_get_dests_app *ipvs_get_dests(ipvs_service_entry_t *svc, lcoreid_t size_t len = 0, len_rcv = 0; unsigned i; + ipvs_func = ipvs_get_dests; + len = sizeof(struct ip_vs_get_dests_app) + sizeof(ipvs_dest_entry_t) * svc->user.num_dests; if (!(d = calloc(len, 1))) @@ -726,7 +601,8 @@ struct ip_vs_get_dests_app *ipvs_get_dests(ipvs_service_entry_t *svc, lcoreid_t snprintf(dpvs_dests->iifname, sizeof(dpvs_dests->iifname), "%s", svc->user.iifname); snprintf(dpvs_dests->oifname, sizeof(dpvs_dests->oifname), "%s", svc->user.oifname); - if (dpvs_getsockopt(cpu2opt_svc(cid, DPVS_SO_GET_DESTS), dpvs_dests, len, (void **)&dpvs_dests_rcv, &len_rcv) < 0) { + if (dpvs_getsockopt(cpu2opt_svc(cid, DPVS_SO_GET_DESTS), dpvs_dests, len, + (void **)&dpvs_dests_rcv, &len_rcv) < 0) { free(d); free(dpvs_dests); return NULL; @@ -757,7 +633,6 @@ struct ip_vs_get_dests_app *ipvs_get_dests(ipvs_service_entry_t *svc, lcoreid_t return d; } - ipvs_service_entry_t * ipvs_get_service(ipvs_service_t *hint, lcoreid_t cid) { @@ -863,55 +738,68 @@ void ipvs_sort_dests(struct ip_vs_get_dests_app *d, ipvs_dest_cmp_t f) sizeof(ipvs_dest_entry_t), (qsort_cmp_t)f); } -int ipvs_set_route(struct dp_vs_route_conf* rt, int cmd) +int ipvs_set_route(struct dp_vs_route_conf *rt, int cmd) { - int err = -1; - if (cmd == IPROUTE_DEL){ - err = dpvs_setsockopt(SOCKOPT_SET_ROUTE_DEL, rt, sizeof(struct dp_vs_route_conf)); - free(rt); - } - else if (cmd == IPROUTE_ADD){ - err = dpvs_setsockopt(SOCKOPT_SET_ROUTE_ADD, rt, sizeof(struct dp_vs_route_conf)); - free(rt); - } - return err; + int err = -1; + + ipvs_func = ipvs_set_route; + + if (cmd == IPROUTE_DEL){ + err = dpvs_setsockopt(SOCKOPT_SET_ROUTE_DEL, rt, sizeof(struct dp_vs_route_conf)); + } else if (cmd == IPROUTE_ADD){ + err = dpvs_setsockopt(SOCKOPT_SET_ROUTE_ADD, rt, sizeof(struct dp_vs_route_conf)); + } + + return err; } int ipvs_set_route6(struct dp_vs_route6_conf *rt6_cfg, int cmd) { - int err = -1; - if (cmd == IPROUTE_DEL) { - rt6_cfg->ops = RT6_OPS_DEL; - err = dpvs_setsockopt(SOCKOPT_SET_ROUTE6_ADD_DEL, rt6_cfg, - sizeof(struct dp_vs_route6_conf)); - } else if (cmd == IPROUTE_ADD) { - rt6_cfg->ops = RT6_OPS_ADD; - err = dpvs_setsockopt(SOCKOPT_SET_ROUTE6_ADD_DEL, rt6_cfg, - sizeof(struct dp_vs_route6_conf)); - } - return err; + int err = -1; + + ipvs_func = ipvs_set_route6; + + if (cmd == IPROUTE_DEL) { + rt6_cfg->ops = RT6_OPS_DEL; + err = dpvs_setsockopt(SOCKOPT_SET_ROUTE6_ADD_DEL, rt6_cfg, + sizeof(struct dp_vs_route6_conf)); + } else if (cmd == IPROUTE_ADD) { + rt6_cfg->ops = RT6_OPS_ADD; + err = dpvs_setsockopt(SOCKOPT_SET_ROUTE6_ADD_DEL, rt6_cfg, + sizeof(struct dp_vs_route6_conf)); + } + return err; } int ipvs_set_ipaddr(struct inet_addr_param *param, int cmd) { - int err = -1; - if (cmd == IPADDRESS_DEL) - err = dpvs_setsockopt(SOCKOPT_SET_IFADDR_DEL, param, sizeof(struct inet_addr_param)); - else if (cmd == IPADDRESS_ADD) - err = dpvs_setsockopt(SOCKOPT_SET_IFADDR_ADD, param, sizeof(struct inet_addr_param)); - return err; + int err = -1; + + ipvs_func = ipvs_set_ipaddr; + + if (cmd == IPADDRESS_DEL) + err = dpvs_setsockopt(SOCKOPT_SET_IFADDR_DEL, param, sizeof(struct inet_addr_param)); + else if (cmd == IPADDRESS_ADD) + err = dpvs_setsockopt(SOCKOPT_SET_IFADDR_ADD, param, sizeof(struct inet_addr_param)); + + return err; } int ipvs_send_gratuitous_arp(struct in_addr *in) { - return dpvs_setsockopt(DPVS_SO_SET_GRATARP, in, sizeof(in)); + ipvs_func = ipvs_send_gratuitous_arp; + + return dpvs_setsockopt(DPVS_SO_SET_GRATARP, in, sizeof(in)); } ipvs_timeout_t *ipvs_get_timeout(void) { +#if 0 ipvs_timeout_t *u; socklen_t len; + ipvs_func = ipvs_get_timeout; + len = sizeof(*u); if (!(u = malloc(len))) return NULL; @@ -922,12 +810,13 @@ ipvs_timeout_t *ipvs_get_timeout(void) free(u); return NULL; } - +#endif return NULL; -} +} ipvs_daemon_t *ipvs_get_daemon(void) { +#if 0 ipvs_daemon_t *u; socklen_t len; @@ -942,9 +831,11 @@ ipvs_daemon_t *ipvs_get_daemon(void) free(u); return NULL; } +#endif return NULL; } + void ipvs_close(void) { if (sockfd != -1) { @@ -953,48 +844,50 @@ void ipvs_close(void) } } -struct ip_vs_conn_array* ip_vs_get_conns(const struct ip_vs_conn_req *req) +struct ip_vs_conn_array *ip_vs_get_conns(const struct ip_vs_conn_req *req) { - int res; - size_t arrlen, rcvlen; - struct ip_vs_conn_array *conn_arr, *arr_rcv; - - if (req->flag & GET_IPVS_CONN_FLAG_SPECIFIED) - res = dpvs_getsockopt(SOCKOPT_GET_CONN_SPECIFIED, req, - sizeof(struct ip_vs_conn_req), - (void **)&arr_rcv, &rcvlen); - else - res = dpvs_getsockopt(SOCKOPT_GET_CONN_ALL, req, - sizeof(struct ip_vs_conn_req), - (void **)&arr_rcv, &rcvlen); - - if (res != ESOCKOPT_OK) { - fprintf(stderr, "%s: got errcode %d from dpvs_getsockopt\n", __func__, res); - return NULL; - } - - if (req->flag & GET_IPVS_CONN_FLAG_SPECIFIED) - arrlen = sizeof(struct ip_vs_conn_array) + sizeof(ipvs_conn_entry_t); - else - arrlen = sizeof(struct ip_vs_conn_array) + MAX_CTRL_CONN_GET_ENTRIES * - sizeof(ipvs_conn_entry_t); - - if (!arr_rcv || rcvlen > arrlen) { + int res; + size_t arrlen, rcvlen; + struct ip_vs_conn_array *conn_arr, *arr_rcv; + + ipvs_func = ip_vs_get_conns; + + if (req->flag & GET_IPVS_CONN_FLAG_SPECIFIED) + res = dpvs_getsockopt(SOCKOPT_GET_CONN_SPECIFIED, req, + sizeof(struct ip_vs_conn_req), + (void **)&arr_rcv, &rcvlen); + else + res = dpvs_getsockopt(SOCKOPT_GET_CONN_ALL, req, + sizeof(struct ip_vs_conn_req), + (void **)&arr_rcv, &rcvlen); + + if (res != ESOCKOPT_OK) { + fprintf(stderr, "%s: got errcode %d from dpvs_getsockopt\n", __func__, res); + return NULL; + } + + if (req->flag & GET_IPVS_CONN_FLAG_SPECIFIED) + arrlen = sizeof(struct ip_vs_conn_array) + sizeof(ipvs_conn_entry_t); + else + arrlen = sizeof(struct ip_vs_conn_array) + MAX_CTRL_CONN_GET_ENTRIES * + sizeof(ipvs_conn_entry_t); + + if (!arr_rcv || rcvlen > arrlen) { fprintf(stderr, "%s: bad sockopt connection repsonse\n", __func__); return NULL; - } + } - conn_arr = calloc(1, arrlen); - if (!conn_arr) { - dpvs_sockopt_msg_free(arr_rcv); - fprintf(stderr, "%s: out of memory\n", __func__); - return NULL; - } + conn_arr = calloc(1, arrlen); + if (!conn_arr) { + dpvs_sockopt_msg_free(arr_rcv); + fprintf(stderr, "%s: out of memory\n", __func__); + return NULL; + } - memcpy(conn_arr, arr_rcv, rcvlen); - dpvs_sockopt_msg_free(arr_rcv); + memcpy(conn_arr, arr_rcv, rcvlen); + dpvs_sockopt_msg_free(arr_rcv); - return conn_arr; + return conn_arr; } struct ip_vs_get_laddrs *ipvs_get_laddrs(ipvs_service_entry_t *svc, lcoreid_t cid) @@ -1004,6 +897,8 @@ struct ip_vs_get_laddrs *ipvs_get_laddrs(ipvs_service_entry_t *svc, lcoreid_t ci size_t res_size; int i; + ipvs_func = ipvs_get_laddrs; + memset(&conf, 0, sizeof(struct dp_vs_laddr_conf)); conf.af_s = svc->af; conf.proto = svc->user.protocol; @@ -1062,6 +957,8 @@ struct dp_vs_blklst_conf_array *ipvs_get_blklsts(void) size_t size; int i, err; + ipvs_func = ipvs_get_blklsts; + err = dpvs_getsockopt(SOCKOPT_GET_BLKLST_GETALL, NULL, 0, (void **)&result, &size); if (err != 0) @@ -1078,13 +975,13 @@ struct dp_vs_blklst_conf_array *ipvs_get_blklsts(void) for (i = 0; i < result->naddr; i++) { memcpy(&array->blklsts[i], &result->blklsts[i], sizeof(struct dp_vs_blklst_conf)); - } + dpvs_sockopt_msg_free(result); return array; } -void ipvs_free_service(ipvs_service_entry_t* p) +void ipvs_free_service(ipvs_service_entry_t *p) { free(p); } @@ -1123,8 +1020,6 @@ const char *ipvs_strerror(int err) { ipvs_get_blklsts, ESRCH, "Service not defined" }, { ipvs_get_dests, ESRCH, "No such service" }, { ipvs_get_service, ESRCH, "No such service" }, -#ifdef _WITH_SNMP_CHECKER_ -#endif { 0, EPERM, "Permission denied (you must be root)" }, { 0, EINVAL, "Invalid operation. Possibly wrong module version, address not unicast, ..." }, { 0, ENOPROTOOPT, "Protocol not available" }, @@ -1143,23 +1038,3 @@ const char *ipvs_strerror(int err) return strerror(err); } -void ipvs_service_entry_2_user(const ipvs_service_entry_t *entry, ipvs_service_t *rule) -{ - rule->user.protocol = entry->user.protocol; - rule->user.__addr_v4 = entry->user.__addr_v4; - rule->user.port = entry->user.port; - rule->user.fwmark = entry->user.fwmark; - strcpy(rule->user.sched_name, entry->user.sched_name); - rule->user.flags = entry->user.flags; - rule->user.timeout = entry->user.timeout; - rule->user.conn_timeout = entry->user.conn_timeout; - rule->user.netmask = entry->user.netmask; - rule->af = entry->af; - rule->nf_addr = entry->nf_addr; - strcpy(rule->pe_name, entry->pe_name); - strcpy(rule->user.srange, entry->user.srange); - strcpy(rule->user.drange, entry->user.drange); - strcpy(rule->user.iifname, entry->user.iifname); - strcpy(rule->user.iifname, entry->user.iifname); -} - diff --git a/tools/keepalived/keepalived/include/check_data.h b/tools/keepalived/keepalived/include/check_data.h index 8c65f06b9..3d73e4311 100644 --- a/tools/keepalived/keepalived/include/check_data.h +++ b/tools/keepalived/keepalived/include/check_data.h @@ -124,28 +124,28 @@ typedef struct _local_addr_group { /* blacklist ip group*/ typedef struct _blklst_addr_entry { - struct sockaddr_storage addr; - uint32_t range; + struct sockaddr_storage addr; + uint32_t range; } blklst_addr_entry; typedef struct _blklst_addr_group { - char *gname; - list addr_ip; - list range; + char *gname; + list addr_ip; + list range; } blklst_addr_group; typedef struct _tunnel_entry { - struct sockaddr_storage remote; - struct sockaddr_storage local; - char kind[TNLKINDSIZ]; - char ifname[IFNAMSIZ]; - char link[IFNAMSIZ]; + struct sockaddr_storage remote; + struct sockaddr_storage local; + char kind[TNLKINDSIZ]; + char ifname[IFNAMSIZ]; + char link[IFNAMSIZ]; } tunnel_entry; typedef struct _tunnel_group { - char *gname; - list tunnel_entry; + char *gname; + list tunnel_entry; } tunnel_group; @@ -171,7 +171,6 @@ typedef struct _virtual_server_group_entry { typedef struct _virtual_server_group { char *gname; - list addr_ip; list addr_range; list vfwmark; } virtual_server_group_t; @@ -271,6 +270,51 @@ typedef struct _check_data { #define FMT_RS(R, V) (format_rs(R, V)) #define FMT_VS(V) (format_vs((V))) +static inline bool quorum_equal(const notify_script_t *quorum1, + const notify_script_t *quorum2) +{ + int args_index = 0; + + if (!quorum1 && !quorum2) + return true; + if (!quorum1 || !quorum2) + return false; + if (quorum1->num_args != quorum2->num_args) + return false; + for (args_index = 0; args_index < quorum1->num_args; args_index++) { + if (strcmp(quorum1->args[args_index], quorum2->args[args_index])) + return false; + } + return true; +} + +#define VS_ISEQ(X,Y) (sockstorage_equal(&(X)->addr,&(Y)->addr) &&\ + (X)->vfwmark == (Y)->vfwmark &&\ + (X)->service_type == (Y)->service_type &&\ + (X)->forwarding_method == (Y)->forwarding_method &&\ + (X)->hash_target == (Y)->hash_target &&\ + (X)->syn_proxy == (Y)->syn_proxy &&\ + quorum_equal((X)->notify_quorum_up, (Y)->notify_quorum_up) &&\ + quorum_equal((X)->notify_quorum_down, (Y)->notify_quorum_down) &&\ + !strcmp((X)->sched, (Y)->sched) &&\ + (X)->persistence_timeout == (Y)->persistence_timeout &&\ + (X)->conn_timeout == (Y)->conn_timeout &&\ + (X)->bps == (Y)->bps &&\ + (X)->limit_proportion == (Y)->limit_proportion &&\ + (((X)->vsgname && (Y)->vsgname && \ + !strcmp((X)->vsgname, (Y)->vsgname)) || \ + (!(X)->vsgname && !(Y)->vsgname)) &&\ + (((X)->local_addr_gname && (Y)->local_addr_gname && \ + !strcmp((X)->local_addr_gname, (Y)->local_addr_gname)) || \ + (!(X)->local_addr_gname && !(Y)->local_addr_gname)) &&\ + (((X)->blklst_addr_gname && (Y)->blklst_addr_gname && \ + !strcmp((X)->blklst_addr_gname, (Y)->blklst_addr_gname)) || \ + (!(X)->blklst_addr_gname && !(Y)->blklst_addr_gname)) &&\ + !strcmp((X)->srange, (Y)->srange) &&\ + !strcmp((X)->drange, (Y)->drange) &&\ + !strcmp((X)->iifname, (Y)->iifname) &&\ + !strcmp((X)->oifname, (Y)->oifname)) + #ifndef IP_VS_SVC_F_SCHED_MH_PORT #define IP_VS_SVC_F_SCHED_MH_PORT IP_VS_SVC_F_SCHED_SH_PORT #endif diff --git a/tools/keepalived/keepalived/include/conf b/tools/keepalived/keepalived/include/conf new file mode 120000 index 000000000..eea79722f --- /dev/null +++ b/tools/keepalived/keepalived/include/conf @@ -0,0 +1 @@ +../../../../include/conf \ No newline at end of file diff --git a/tools/keepalived/keepalived/include/conf/README b/tools/keepalived/keepalived/include/conf/README deleted file mode 100644 index d3173f632..000000000 --- a/tools/keepalived/keepalived/include/conf/README +++ /dev/null @@ -1,4 +0,0 @@ -Header files in "./tools/keepalived/keepalived/include/conf/" -is a mirror of "./include/conf/". - -Always keep the header files of the two paths the same! diff --git a/tools/keepalived/keepalived/include/conf/blklst.h b/tools/keepalived/keepalived/include/conf/blklst.h deleted file mode 100644 index 9efce8c5c..000000000 --- a/tools/keepalived/keepalived/include/conf/blklst.h +++ /dev/null @@ -1,56 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -/** - * Note: control plane only - * based on dpvs_sockopt. - */ -#ifndef __DPVS_BLKLST_CONF_H__ -#define __DPVS_BLKLST_CONF_H__ -#include "inet.h" - -enum { - /* set */ - SOCKOPT_SET_BLKLST_ADD = 700, - SOCKOPT_SET_BLKLST_DEL, - SOCKOPT_SET_BLKLST_FLUSH, - /* get */ - SOCKOPT_GET_BLKLST_GETALL, -}; - -struct dp_vs_blklst_entry { - union inet_addr addr; -}; - -struct dp_vs_blklst_conf { - /* identify service */ - int af; - uint8_t proto; - union inet_addr vaddr; - uint16_t vport; - uint32_t fwmark; - - /* for set */ - union inet_addr blklst; -}; - -struct dp_vs_blklst_conf_array { - int naddr; - struct dp_vs_blklst_conf blklsts[0]; -} __attribute__((__packed__)); - -#endif /* __DPVS_BLKLST_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/common.h b/tools/keepalived/keepalived/include/conf/common.h deleted file mode 100644 index 43ed3fdd1..000000000 --- a/tools/keepalived/keepalived/include/conf/common.h +++ /dev/null @@ -1,159 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -#ifndef __DPVS_COMMON_H__ -#define __DPVS_COMMON_H__ -#include -#include -#include -#include -#include -#include - -#ifndef NELEMS -#define NELEMS(a) (sizeof(a) / sizeof((a)[0])) -#endif - -#ifndef min -#define min(x,y) ({ \ - typeof(x) _x = (x); \ - typeof(y) _y = (y); \ - (void) (&_x == &_y); \ - _x < _y ? _x : _y; }) -#endif - -#ifndef max -#define max(x,y) ({ \ - typeof(x) _x = (x); \ - typeof(y) _y = (y); \ - (void) (&_x == &_y); \ - _x > _y ? _x : _y; }) -#endif - -#ifndef min_t -#define min_t(type, a, b) min(((type) a), ((type) b)) -#endif -#ifndef max_t -#define max_t(type, a, b) max(((type) a), ((type) b)) -#endif - -#ifndef __be32 -typedef uint32_t __be32; -#endif - -#ifndef __be16 -typedef uint16_t __be16; -#endif - -#ifndef __u8 -typedef uint8_t __u8; -#endif - -#ifndef __u16 -typedef uint16_t __u16; -#endif - -#ifndef __u32 -typedef uint32_t __u32; -#endif - -#ifndef lcoreid_t -typedef uint8_t lcoreid_t; -#endif - - -#define DPVS_WAIT_WHILE(expr) while(expr){;} - -typedef enum { - DPVS_STATE_STOP = 1, - DPVS_STATE_INIT, - DPVS_STATE_NORMAL, - DPVS_STATE_FINISH, -} dpvs_state_t; - -void dpvs_state_set(dpvs_state_t stat); -dpvs_state_t dpvs_state_get(void); - -bool is_power2(int num, int offset, int *lower); - -enum { - EDPVS_OK = 0, - EDPVS_INVAL = -1, /* invalid parameter */ - EDPVS_NOMEM = -2, /* no memory */ - EDPVS_EXIST = -3, /* already exist */ - EDPVS_NOTEXIST = -4, /* not exist */ - EDPVS_INVPKT = -5, /* invalid packet */ - EDPVS_DROP = -6, /* packet dropped */ - EDPVS_NOPROT = -7, /* no protocol */ - EDPVS_NOROUTE = -8, /* no route */ - EDPVS_DEFRAG = -9, /* defragment error */ - EDPVS_FRAG = -10, /* fragment error */ - EDPVS_DPDKAPIFAIL = -11, /* DPDK error */ - EDPVS_IDLE = -12, /* nothing to do */ - EDPVS_BUSY = -13, /* resource busy */ - EDPVS_NOTSUPP = -14, /* not support */ - EDPVS_RESOURCE = -15, /* no resource */ - EDPVS_OVERLOAD = -16, /* overloaded */ - EDPVS_NOSERV = -17, /* no service */ - EDPVS_DISABLED = -18, /* disabled */ - EDPVS_NOROOM = -19, /* no room */ - EDPVS_NONEALCORE = -20, /* non-eal thread lcore */ - EDPVS_CALLBACKFAIL = -21, /* callbacks fail */ - EDPVS_IO = -22, /* I/O error */ - EDPVS_MSG_FAIL = -23, /* msg callback failed */ - EDPVS_MSG_DROP = -24, /* msg callback dropped */ - EDPVS_PKTSTOLEN = -25, /* stolen packet */ - EDPVS_SYSCALL = -26, /* system call failed */ - EDPVS_NODEV = -27, /* no such device */ - - /* positive code for non-error */ - EDPVS_KNICONTINUE = 1, /* KNI to continue */ - EDPVS_INPROGRESS = 2, /* in progress */ -}; - -extern const char *dpvs_strerror(int err); - -int get_numa_nodes(void); - -int linux_set_if_mac(const char *ifname, const unsigned char mac[ETH_ALEN]); -int linux_hw_mc_add(const char *ifname, const uint8_t hwma[ETH_ALEN]); -int linux_hw_mc_del(const char *ifname, const uint8_t hwma[ETH_ALEN]); - -/* read "n" bytes from a descriptor */ -ssize_t readn(int fd, void *vptr, size_t n); - -/* write "n" bytes to a descriptor */ -ssize_t writen(int fd, const void *vptr, size_t n); - -/* send "n" bytes to a descriptor */ -ssize_t sendn(int fd, const void *vptr, size_t n, int flags); - -static inline char *strupr(char *str) { - char *s; - for (s = str; *s != '\0'; s++) - *s = toupper(*s); - return str; -} - -static inline char *strlwr(char *str) { - char *s; - for (s = str; *s != '\0'; s++) - *s = tolower(*s); - return str; -} - -#endif /* __DPVS_COMMON_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/conn.h b/tools/keepalived/keepalived/include/conf/conn.h deleted file mode 100644 index 86da70b66..000000000 --- a/tools/keepalived/keepalived/include/conf/conn.h +++ /dev/null @@ -1,92 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ - -#ifndef __DPVS_CONN_CONF_H__ -#define __DPVS_CONN_CONF_H__ -#include "list.h" -#include "inet.h" - -/* How many connections returned at most for one sockopt ctrl msg. - * Decrease it for saving memory, increase it for better performace. - */ -#define MAX_CTRL_CONN_GET_ENTRIES 1024 - - -enum conn_get_flags { - GET_IPVS_CONN_FLAG_ALL = 1, - GET_IPVS_CONN_FLAG_MORE = 2, - GET_IPVS_CONN_FLAG_SPECIFIED = 4, - GET_IPVS_CONN_FLAG_TEMPLATE = 8, -}; - -enum conn_get_result { - GET_IPVS_CONN_RESL_OK = 1, - GET_IPVS_CONN_RESL_MORE = 2, - GET_IPVS_CONN_RESL_FAIL = 4, - GET_IPVS_CONN_RESL_NOTEXIST = 8, -}; - -enum { - /* get */ - SOCKOPT_GET_CONN_ALL = 1000, - SOCKOPT_GET_CONN_SPECIFIED, -}; - -struct ip_vs_sockpair { - uint16_t af; - uint16_t proto; - __be16 sport; - __be16 tport; - union inet_addr sip; - union inet_addr tip; -}; - -typedef struct ip_vs_sockpair ipvs_sockpair_t; - -struct ip_vs_conn_entry { - uint16_t in_af; - uint16_t out_af; - uint16_t proto; - union inet_addr caddr; - union inet_addr vaddr; - union inet_addr laddr; - union inet_addr daddr; - uint16_t cport; - uint16_t vport; - uint16_t lport; - uint16_t dport; - uint32_t timeout; - uint8_t lcoreid; - char state[16]; -}; -typedef struct ip_vs_conn_entry ipvs_conn_entry_t; - -struct ip_vs_conn_req { - uint32_t flag; - uint32_t whence; - ipvs_sockpair_t sockpair; -}; - -struct ip_vs_conn_array { - uint32_t nconns; - uint32_t resl; - uint8_t curcid; - ipvs_conn_entry_t array[0]; -} __attribute__((__packed__)); - -#endif /* __DPVS_BLKLST_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/dest.h b/tools/keepalived/keepalived/include/conf/dest.h deleted file mode 100644 index 11faecc52..000000000 --- a/tools/keepalived/keepalived/include/conf/dest.h +++ /dev/null @@ -1,108 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -#ifndef __DPVS_DEST_CONF_H__ -#define __DPVS_DEST_CONF_H__ - -#include "conf/service.h" - -/* must consistent with IP_VS_CONN_F_XXX (libipvs-2.6/ip_vs.h) */ -enum dpvs_fwd_mode { - DPVS_FWD_MASQ = 0, - DPVS_FWD_LOCALNODE = 1, - DPVS_FWD_MODE_TUNNEL = 2, - DPVS_FWD_MODE_DR = 3, - DPVS_FWD_MODE_BYPASS = 4, - DPVS_FWD_MODE_FNAT = 5, - DPVS_FWD_MODE_NAT = DPVS_FWD_MASQ, - DPVS_FWD_MODE_SNAT = 6, -}; - -enum { - DPVS_DEST_F_AVAILABLE = 0x1<<0, - DPVS_DEST_F_OVERLOAD = 0x1<<1, -}; - -struct dp_vs_dest_conf { - /* destination server address */ - int af; - union inet_addr addr; - uint16_t port; - - enum dpvs_fwd_mode fwdmode; - /* real server options */ - unsigned conn_flags; /* connection flags */ - int weight; /* destination weight */ - - /* thresholds for active connections */ - uint32_t max_conn; /* upper threshold */ - uint32_t min_conn; /* lower threshold */ -}; - -struct dp_vs_dest_entry { - int af; - union inet_addr addr; /* destination address */ - uint16_t port; - unsigned conn_flags; /* connection flags */ - int weight; /* destination weight */ - - uint32_t max_conn; /* upper threshold */ - uint32_t min_conn; /* lower threshold */ - - uint32_t actconns; /* active connections */ - uint32_t inactconns; /* inactive connections */ - uint32_t persistconns; /* persistent connections */ - - /* statistics */ - struct dp_vs_stats stats; -}; - -struct dp_vs_get_dests { - /* which service: user fills in these */ - int af; - uint16_t proto; - union inet_addr addr; /* virtual address */ - uint16_t port; - uint32_t fwmark; /* firwall mark of service */ - - /* number of real servers */ - unsigned int num_dests; - - lcoreid_t cid; - - char srange[256]; - char drange[256]; - char iifname[IFNAMSIZ]; - char oifname[IFNAMSIZ]; - - /* the real servers */ - struct dp_vs_dest_entry entrytable[0]; -}; - -struct dp_vs_dest_user { - int af; - union inet_addr addr; - uint16_t port; - - unsigned conn_flags; - int weight; - - uint32_t max_conn; - uint32_t min_conn; -}; - -#endif /* __DPVS_DEST_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/flow.h b/tools/keepalived/keepalived/include/conf/flow.h deleted file mode 100644 index 5945823b8..000000000 --- a/tools/keepalived/keepalived/include/conf/flow.h +++ /dev/null @@ -1,54 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2018 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -/** - * flow for IPv4/IPv6 route lookup. - * Linux Kernel is referred. - * - * Lei Chen , initial, Jul 2018. - */ -#ifndef __DPVS_FLOW_CONF_H__ -#define __DPVS_FLOW_CONF_H__ - -#include - -/* linux:include/uapi/route.h */ -#define RTF_UP 0x0001 /* route usable */ -#define RTF_GATEWAY 0x0002 /* destination is a gateway */ -#define RTF_HOST 0x0004 /* host entry (net otherwise) */ -#define RTF_REINSTATE 0x0008 /* reinstate route after tmout */ -#define RTF_DYNAMIC 0x0010 /* created dyn. (by redirect) */ -#define RTF_MODIFIED 0x0020 /* modified dyn. (by redirect) */ -#define RTF_MTU 0x0040 /* specific MTU for this route */ -#define RTF_MSS RTF_MTU /* Compatibility :-( */ -#define RTF_WINDOW 0x0080 /* per route window clamping */ -#define RTF_IRTT 0x0100 /* Initial round trip time */ -#define RTF_REJECT 0x0200 /* Reject route */ - -/* dpvs defined. */ -#define RTF_FORWARD 0x0400 -#define RTF_LOCALIN 0x0800 -#define RTF_DEFAULT 0x1000 -#define RTF_KNI 0X2000 -#define RTF_OUTWALL 0x4000 - -struct rt6_prefix { - struct in6_addr addr; - int plen; -}; - -#endif /* __DPVS_FLOW_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/iftraf.h b/tools/keepalived/keepalived/include/conf/iftraf.h deleted file mode 100644 index 2ff57c838..000000000 --- a/tools/keepalived/keepalived/include/conf/iftraf.h +++ /dev/null @@ -1,60 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -#ifndef __DPVS_IFTRAF_CONF_H__ -#define __DPVS_IFTRAF_CONF_H__ -#include -#include -#include "inet.h" - -enum { - /* set */ - SOCKOPT_SET_IFTRAF_ADD = 6400, - SOCKOPT_SET_IFTRAF_DEL, - - /* get */ - SOCKOPT_GET_IFTRAF_SHOW, -}; - -struct dp_vs_iftraf_conf { - char ifname[IFNAMSIZ]; -} __attribute__((__packed__)); - - -struct iftraf_param { - uint8_t af; - uint8_t proto; - uint8_t cid; - uint16_t devid; - char ifname[IFNAMSIZ]; - union inet_addr saddr; - union inet_addr daddr; - uint16_t sport; - uint16_t dport; - - uint32_t total_recv; - uint32_t total_sent; - -} __attribute__((__packed__)); - -struct iftraf_param_array { - int ntrafs; - struct iftraf_param iftraf[0]; -}; - -#endif /* __DPVS_INETADDR_CONF_H__ */ - diff --git a/tools/keepalived/keepalived/include/conf/inet.h b/tools/keepalived/keepalived/include/conf/inet.h deleted file mode 100644 index 5c6a3323b..000000000 --- a/tools/keepalived/keepalived/include/conf/inet.h +++ /dev/null @@ -1,261 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -#ifndef __DPVS_INET_CONF_H__ -#define __DPVS_INET_CONF_H__ -#include -#include -#include -#include -#include -#include -#include "conf/common.h" - -#define INET_DEF_TTL 64 - -#define INET_MAX_PROTS 256 /* cannot change */ - -union inet_addr { - struct in_addr in; - struct in6_addr in6; -}; - -struct inet_prefix { - int plen; - union inet_addr addr; -}; - -struct inet_addr_range { - union inet_addr min_addr; - union inet_addr max_addr; - __be16 min_port; - __be16 max_port; -}; - -struct inet_stats { - uint64_t inpkts; /* InReceives */ - uint64_t inoctets; /* InOctets */ - uint64_t indelivers; /* InDelivers */ - uint64_t outforwdatagrams; /* OutForwDatagrams */ - uint64_t outpkts; /* OutRequests */ - uint64_t outoctets; /* OutOctets */ - uint64_t inhdrerrors; /* InHdrErrors */ - uint64_t intoobigerrors; /* InTooBigErrors */ - uint64_t innoroutes; /* InNoRoutes */ - uint64_t inaddrerrors; /* InAddrErrors */ - uint64_t inunknownprotos; /* InUnknownProtos */ - uint64_t intruncatedpkts; /* InTruncatedPkts */ - uint64_t indiscards; /* InDiscards */ - uint64_t outdiscards; /* OutDiscards */ - uint64_t outnoroutes; /* OutNoRoutes */ - uint64_t reasmtimeout; /* ReasmTimeout */ - uint64_t reasmreqds; /* ReasmReqds */ - uint64_t reasmoks; /* ReasmOKs */ - uint64_t reasmfails; /* ReasmFails */ - uint64_t fragoks; /* FragOKs */ - uint64_t fragfails; /* FragFails */ - uint64_t fragcreates; /* FragCreates */ - uint64_t inmcastpkts; /* InMcastPkts */ - uint64_t outmcastpkts; /* OutMcastPkts */ - uint64_t inbcastpkts; /* InBcastPkts */ - uint64_t outbcastpkts; /* OutBcastPkts */ - uint64_t inmcastoctets; /* InMcastOctets */ - uint64_t outmcastoctets; /* OutMcastOctets */ - uint64_t inbcastoctets; /* InBcastOctets */ - uint64_t outbcastoctets; /* OutBcastOctets */ - uint64_t csumerrors; /* InCsumErrors */ - uint64_t noectpkts; /* InNoECTPkts */ - uint64_t ect1pkts; /* InECT1Pkts */ - uint64_t ect0pkts; /* InECT0Pkts */ - uint64_t cepkts; /* InCEPkts */ -}; - -static inline const char *inet_proto_name(uint8_t proto) -{ - const static char *proto_names[256] = { - [IPPROTO_TCP] = "TCP", - [IPPROTO_UDP] = "UDP", - [IPPROTO_ICMP] = "ICMP", - [IPPROTO_ICMPV6] = "ICMPV6", - }; - - return proto_names[proto] ? proto_names[proto] : ""; -} - -static inline uint32_t inet_addr_fold(int af, const union inet_addr *addr) -{ - uint32_t addr_fold = 0; - - if (af == AF_INET) { - addr_fold = addr->in.s_addr; - } else if (af == AF_INET6) { - addr_fold = addr->in6.s6_addr32[0] ^ addr->in6.s6_addr32[1] ^ - addr->in6.s6_addr32[2] ^ addr->in6.s6_addr32[3]; - } else { - return 0; - } - - return addr_fold; -} - -/* ip1[-ip2][:port1[-port2]] */ -static inline int inet_addr_range_parse(const char *param, - struct inet_addr_range *range, - int *af) -{ - char _param[256], *ips, *ports = NULL; - char *ip1, *ip2, *port1, *port2; - - if (strlen(param) == 0) - return EDPVS_OK; /* return asap */ - - snprintf(_param, sizeof(_param), "%s", param); - - ips = _param; - if (_param[0] == '[') { - ips++; - ports = strrchr(_param, ']'); - if (ports == NULL) - return EDPVS_INVAL; - *ports++ = '\0'; - if (*ports == ':') - *ports++ = '\0'; - else - return EDPVS_INVAL; - } - - /* judge ipv4 */ - if (strrchr(_param, ':') == strchr(_param, ':')) { - ports = strrchr(_param, ':'); - if (ports) - *ports++ = '\0'; - } - - ip1 = ips; - ip2 = strrchr(ips, '-'); - if (ip2) - *ip2++ = '\0'; - - if (ports) { - port1 = ports; - port2 = strrchr(ports, '-'); - if (port2) - *port2++ = '\0'; - } else { - port1 = port2 = NULL; - } - - memset(range, 0, sizeof(*range)); - - if (strlen(ip1) && inet_pton(AF_INET6, ip1, &range->min_addr.in6) > 0) { - if (ip2 && strlen(ip2)) { - if (inet_pton(AF_INET6, ip2, &range->max_addr.in6) <= 0) - return EDPVS_INVAL; - } else { - range->max_addr = range->min_addr; - } - *af = AF_INET6; - } else { - if (strlen(ip1) && inet_pton(AF_INET, ip1, &range->min_addr.in) <= 0) - return EDPVS_INVAL; - - if (ip2 && strlen(ip2)) { - if (inet_pton(AF_INET, ip2, &range->max_addr.in) <= 0) - return EDPVS_INVAL; - } else { - range->max_addr = range->min_addr; - } - *af = AF_INET; - } - - if (port1 && strlen(port1)) - range->min_port = htons(atoi(port1)); - - if (port2 && strlen(port2)) - range->max_port = htons(atoi(port2)); - else - range->max_port = range->min_port; - - return EDPVS_OK; -} - -static inline int inet_addr_range_dump(int af, - const struct inet_addr_range *range, - char *buf, size_t size) -{ - char min_ip[64], max_ip[64]; - char min_port[16], max_port[16]; - - inet_ntop(af, &range->min_addr, min_ip, sizeof(min_ip)); - inet_ntop(af, &range->max_addr, max_ip, sizeof(max_ip)); - snprintf(min_port, sizeof(min_port), "%u", ntohs(range->min_port)); - snprintf(max_port, sizeof(max_port), "%u", ntohs(range->max_port)); - - if (af == AF_INET) - return snprintf(buf, size, "%s-%s:%s-%s", - min_ip, max_ip, min_port, max_port); - return snprintf(buf, size, "[%s-%s]:%s-%s", - min_ip, max_ip, min_port, max_port); -} - -static inline void inet_stats_dump(const char *title, const char *prefix, - const struct inet_stats *st) -{ - if (!st) - return; - - if (title) - printf("%s\n", title); - - printf("%s%-18s %lu\n", prefix ? : "", "InReceives:", st->inpkts); - printf("%s%-18s %lu\n", prefix ? : "", "InOctets:", st->inoctets); - printf("%s%-18s %lu\n", prefix ? : "", "InDelivers:", st->indelivers); - printf("%s%-18s %lu\n", prefix ? : "", "OutForwDatagrams:", st->outforwdatagrams); - printf("%s%-18s %lu\n", prefix ? : "", "OutRequests:", st->outpkts); - printf("%s%-18s %lu\n", prefix ? : "", "OutOctets:", st->outoctets); - printf("%s%-18s %lu\n", prefix ? : "", "InHdrErrors:", st->inhdrerrors); - printf("%s%-18s %lu\n", prefix ? : "", "InTooBigErrors:", st->intoobigerrors); - printf("%s%-18s %lu\n", prefix ? : "", "InNoRoutes:", st->innoroutes); - printf("%s%-18s %lu\n", prefix ? : "", "InAddrErrors:", st->inaddrerrors); - printf("%s%-18s %lu\n", prefix ? : "", "InUnknownProtos:", st->inunknownprotos); - printf("%s%-18s %lu\n", prefix ? : "", "InTruncatedPkts:", st->intruncatedpkts); - printf("%s%-18s %lu\n", prefix ? : "", "InDiscards:", st->indiscards); - printf("%s%-18s %lu\n", prefix ? : "", "OutDiscards:", st->outdiscards); - printf("%s%-18s %lu\n", prefix ? : "", "OutNoRoutes:", st->outnoroutes); - printf("%s%-18s %lu\n", prefix ? : "", "ReasmTimeout:", st->reasmtimeout); - printf("%s%-18s %lu\n", prefix ? : "", "ReasmReqds:", st->reasmreqds); - printf("%s%-18s %lu\n", prefix ? : "", "ReasmOKs:", st->reasmoks); - printf("%s%-18s %lu\n", prefix ? : "", "ReasmFails:", st->reasmfails); - printf("%s%-18s %lu\n", prefix ? : "", "FragOKs:", st->fragoks); - printf("%s%-18s %lu\n", prefix ? : "", "FragFails:", st->fragfails); - printf("%s%-18s %lu\n", prefix ? : "", "FragCreates:", st->fragcreates); - printf("%s%-18s %lu\n", prefix ? : "", "InMcastPkts:", st->inmcastpkts); - printf("%s%-18s %lu\n", prefix ? : "", "OutMcastPkts:", st->outmcastpkts); - printf("%s%-18s %lu\n", prefix ? : "", "InBcastPkts:", st->inbcastpkts); - printf("%s%-18s %lu\n", prefix ? : "", "OutBcastPkts:", st->outbcastpkts); - printf("%s%-18s %lu\n", prefix ? : "", "InMcastOctets:", st->inmcastoctets); - printf("%s%-18s %lu\n", prefix ? : "", "OutMcastOctets:", st->outmcastoctets); - printf("%s%-18s %lu\n", prefix ? : "", "InBcastOctets:", st->inbcastoctets); - printf("%s%-18s %lu\n", prefix ? : "", "OutBcastOctets:", st->outbcastoctets); - printf("%s%-18s %lu\n", prefix ? : "", "InCsumErrors:", st->csumerrors); - printf("%s%-18s %lu\n", prefix ? : "", "InNoECTPkts:", st->noectpkts); - printf("%s%-18s %lu\n", prefix ? : "", "InECT1Pkts:", st->ect1pkts); - printf("%s%-18s %lu\n", prefix ? : "", "InECT0Pkts:", st->ect0pkts); - printf("%s%-18s %lu\n", prefix ? : "", "InCEPkts:", st->cepkts); -} - -#endif /* __DPVS_INET_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/inetaddr.h b/tools/keepalived/keepalived/include/conf/inetaddr.h deleted file mode 100644 index 571327d06..000000000 --- a/tools/keepalived/keepalived/include/conf/inetaddr.h +++ /dev/null @@ -1,97 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -#ifndef __DPVS_INETADDR_CONF_H__ -#define __DPVS_INETADDR_CONF_H__ -#include -#include -#include "inet.h" -#include "net/if.h" - -enum { - /* set */ - SOCKOPT_SET_IFADDR_ADD = 400, - SOCKOPT_SET_IFADDR_DEL, - SOCKOPT_SET_IFADDR_SET, - SOCKOPT_SET_IFADDR_FLUSH, - - /* get */ - SOCKOPT_GET_IFADDR_SHOW, -}; - -enum { - IFA_SCOPE_GLOBAL = 0, - IFA_SCOPE_SITE, /* IPv6 only */ - IFA_SCOPE_LINK, /* link local */ - IFA_SCOPE_HOST, /* valid inside the host */ - IFA_SCOPE_NONE = 255, -}; - -/* leverage IFA_F_XXX in linux/if_addr.h*/ -#define IFA_F_SAPOOL 0x10000 /* if address with sockaddr pool */ - -/* ifa command flags */ -#define IFA_F_OPS_VERBOSE 0x0001 -#define IFA_F_OPS_STATS 0x0002 - -typedef enum ifaddr_ops { - INET_ADDR_GET = 1, - INET_ADDR_ADD, - INET_ADDR_DEL, - INET_ADDR_MOD, - INET_ADDR_FLUSH, - INET_ADDR_SYNC, -} ifaddr_ops_t; - -struct inet_addr_entry { - int af; - char ifname[IFNAMSIZ]; - union inet_addr addr; - union inet_addr bcast; - uint8_t plen; - uint8_t scope; - lcoreid_t cid; - uint32_t valid_lft; - uint32_t prefered_lft; - uint32_t flags; -} __attribute__((__packed__)); - -struct inet_addr_stats { - uint32_t sa_used; - uint32_t sa_free; - uint32_t sa_miss; -} __attribute__((__packed__)); - -struct inet_addr_param { - ifaddr_ops_t ifa_ops; - uint32_t ifa_ops_flags; - struct inet_addr_entry ifa_entry; -} __attribute__((__packed__)); - -struct inet_addr_data { - struct inet_addr_entry ifa_entry; - struct inet_addr_stats ifa_stats; -} __attribute__((__packed__)); - -struct inet_addr_data_array { - ifaddr_ops_t ops; - uint32_t ops_flags; - int naddr; - struct inet_addr_data addrs[0]; -} __attribute__((__packed__)); - -#endif /* __DPVS_INETADDR_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/ip_tunnel.h b/tools/keepalived/keepalived/include/conf/ip_tunnel.h deleted file mode 100644 index fd1964231..000000000 --- a/tools/keepalived/keepalived/include/conf/ip_tunnel.h +++ /dev/null @@ -1,71 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -/* - * dpvs IPv4 tunnel common codes. - * refer linux:include/net/ip_tunnels.h - * linux:include/uapi/linux/if_tunnel.h - * - * raychen@qiyi.com, Dec 2017, initial. - */ -#ifndef __DPVS_TUNNEL_CONF_H__ -#define __DPVS_TUNNEL_CONF_H__ -#include -#include -#include - -#define TNLKINDSIZ 16 - -#define TUNNEL_F_CSUM htobe16(0x01) -#define TUNNEL_F_ROUTING htobe16(0x02) -#define TUNNEL_F_KEY htobe16(0x04) -#define TUNNEL_F_SEQ htobe16(0x08) -#define TUNNEL_F_STRICT htobe16(0x10) -#define TUNNEL_F_REC htobe16(0x20) -#define TUNNEL_F_VERSION htobe16(0x40) -#define TUNNEL_F_NO_KEY htobe16(0x80) -#define TUNNEL_F_DONT_FRAGMENT htobe16(0x0100) -#define TUNNEL_F_OAM htobe16(0x0200) -#define TUNNEL_F_CRIT_OPT htobe16(0x0400) -#define TUNNEL_F_GENEVE_OPT htobe16(0x0800) -#define TUNNEL_F_VXLAN_OPT htobe16(0x1000) -#define TUNNEL_F_NOCACHE htobe16(0x2000) -#define TUNNEL_F_ERSPAN_OPT htobe16(0x4000) - -enum { - /* set */ - SOCKOPT_TUNNEL_ADD = 1000, - SOCKOPT_TUNNEL_DEL, - SOCKOPT_TUNNEL_CHANGE, - SOCKOPT_TUNNEL_REPLACE, - - /* get */ - SOCKOPT_TUNNEL_SHOW, -}; - -struct ip_tunnel_param { - char ifname[IFNAMSIZ]; - char kind[TNLKINDSIZ]; - char link[IFNAMSIZ]; - __be16 i_flags; - __be16 o_flags; - __be32 i_key; - __be32 o_key; - struct iphdr iph; -} __attribute__((__packed__)); - -#endif /* __DPVS_TUNNEL_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/ipset.h b/tools/keepalived/keepalived/include/conf/ipset.h deleted file mode 100644 index acbe52d36..000000000 --- a/tools/keepalived/keepalived/include/conf/ipset.h +++ /dev/null @@ -1,50 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -/** - * Note: control plane only - * based on dpvs_sockopt. - */ -#ifndef __DPVS_IPSET_CONF_H__ -#define __DPVS_IPSET_CONF_H__ - -enum { - /* set */ - SOCKOPT_SET_IPSET_ADD = 3300, - SOCKOPT_SET_IPSET_DEL, - SOCKOPT_SET_IPSET_FLUSH, - - /* get */ - SOCKOPT_GET_IPSET_SHOW, -}; - -struct dp_vs_ipset_conf { - int af; - union inet_addr addr; -}; - -struct dp_vs_multi_ipset_conf { - int num; - struct dp_vs_ipset_conf ipset_conf[0]; -}; - -struct dp_vs_ipset_conf_array { - int nipset; - struct dp_vs_ipset_conf ips[0]; -} __attribute__((__packed__)); - -#endif /* __DPVS_IPSET_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/ipv6.h b/tools/keepalived/keepalived/include/conf/ipv6.h deleted file mode 100644 index 4f893ed1c..000000000 --- a/tools/keepalived/keepalived/include/conf/ipv6.h +++ /dev/null @@ -1,39 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -/** - * IPv6 protocol control plane. - * - * Lei Chen , initial, Jul 2018. - */ -#ifndef __DPVS_IPV6_CONF_H__ -#define __DPVS_IPV6_CONF_H__ -#include "inet.h" - -enum { - /* set */ - SOCKOPT_IP6_SET = 1100, - /* get */ - SOCKOPT_IP6_STATS, -}; - -struct ip6_stats_param { - struct inet_stats stats; - struct inet_stats stats_cpus[DPVS_MAX_LCORE]; -} __attribute__((__packed__)); - -#endif /* __DPVS_IPV6_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/laddr.h b/tools/keepalived/keepalived/include/conf/laddr.h deleted file mode 100644 index 09a3bc66f..000000000 --- a/tools/keepalived/keepalived/include/conf/laddr.h +++ /dev/null @@ -1,70 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -/** - * Note: control plane only - * based on dpvs_sockopt. - */ -#ifndef __DPVS_LADDR_CONF_H__ -#define __DPVS_LADDR_CONF_H__ -#include "inet.h" -#include "net/if.h" - -enum { - /* set */ - SOCKOPT_SET_LADDR_ADD = 100, - SOCKOPT_SET_LADDR_DEL, - SOCKOPT_SET_LADDR_FLUSH, - - /* get */ - SOCKOPT_GET_LADDR_GETALL, -}; - -#define SOCKOPT_LADDR_BASE SOCKOPT_SET_LADDR_ADD -#define SOCKOPT_GET_LADDR_MAX 199 - -struct dp_vs_laddr_entry { - int af; - union inet_addr addr; - uint64_t nport_conflict; - uint32_t nconns; -}; - -struct dp_vs_laddr_conf { - /* identify service */ - int af_s; - uint8_t proto; - union inet_addr vaddr; - uint16_t vport; - uint32_t fwmark; - char srange[256]; - char drange[256]; - char iifname[IFNAMSIZ]; - char oifname[IFNAMSIZ]; - lcoreid_t cid; - - /* for set */ - int af_l; - union inet_addr laddr; - char ifname[IFNAMSIZ]; - - /* for get */ - int nladdrs; - struct dp_vs_laddr_entry laddrs[0]; -}; - -#endif /* __DPVS_LADDR_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/match.h b/tools/keepalived/keepalived/include/conf/match.h deleted file mode 100644 index f47e08d0f..000000000 --- a/tools/keepalived/keepalived/include/conf/match.h +++ /dev/null @@ -1,123 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -/** - * packet "matcher" of DPVS. - * - * raychen@qiyi.com, Aug. 2017, initial. - */ -#ifndef __DPVS_MATCH_H__ -#define __DPVS_MATCH_H__ -#include -#include -#include "inet.h" - -struct dp_vs_match { - /* TODO: add proto, ... */ - int af; - /* range is more flexible than prefix. */ - struct inet_addr_range srange; /* source range */ - struct inet_addr_range drange; /* dest range */ - char iifname[IFNAMSIZ]; - char oifname[IFNAMSIZ]; -}; - -static inline bool is_empty_match(const struct dp_vs_match *match) -{ - const static struct dp_vs_match zero_match = {}; - return !memcmp(match, &zero_match, sizeof(*match)); -} - -static inline int parse_match(const char *pattern, uint8_t *proto, - struct dp_vs_match *match) -{ - char _pat[256]; - char *start, *tok, *sp, *delim = ","; - int err; - - *proto = 0; - memset(match, 0, sizeof(*match)); - snprintf(_pat, sizeof(_pat), "%s", pattern); - - for (start = _pat; (tok = strtok_r(start, delim, &sp)); start = NULL) { - if (strcmp(tok, "tcp") == 0) { - *proto = IPPROTO_TCP; - } else if (strcmp(tok, "udp") == 0) { - *proto = IPPROTO_UDP; - } else if (strncmp(tok, "from=", strlen("from=")) == 0) { - tok += strlen("from="); - - err = inet_addr_range_parse(tok, &match->srange, &match->af); - if (err != EDPVS_OK) - return err; - } else if (strncmp(tok, "to=", strlen("to=")) == 0) { - tok += strlen("to="); - - err = inet_addr_range_parse(tok, &match->drange, &match->af); - if (err != EDPVS_OK) - return err; - } else if (strncmp(tok, "iif=", strlen("iif=")) == 0) { - tok += strlen("iif="); - snprintf(match->iifname, IFNAMSIZ, "%s", tok); - } else if (strncmp(tok, "oif=", strlen("oif=")) == 0) { - tok += strlen("oif="); - snprintf(match->oifname, IFNAMSIZ, "%s", tok); - } else { - return EDPVS_INVAL; - } - } - - return EDPVS_OK; -} - -static inline char *dump_match(uint8_t proto, const struct dp_vs_match *match, - char *buf, size_t size) -{ - const static struct inet_addr_range zero_range = {{{0}}}; - size_t left = size; - - if (!match || !buf || size < 1) - return NULL; - - buf[0] = '\0'; - left -= snprintf(buf + strlen(buf), left, "%s", - proto ? inet_proto_name(proto) : "unspec"); - - if (memcmp(&match->srange, &zero_range, sizeof(zero_range)) != 0) { - left -= snprintf(buf + strlen(buf), left, ",from="); - left -= inet_addr_range_dump(match->af, &match->srange, - buf + strlen(buf), left); - } - - if (memcmp(&match->drange, &zero_range, sizeof(zero_range)) != 0) { - left -= snprintf(buf + strlen(buf), left, ",to="); - left -= inet_addr_range_dump(match->af, &match->drange, - buf + strlen(buf), left); - } - - if (strlen(match->iifname)) { - left -= snprintf(buf + strlen(buf), left, ",iif=%s", match->iifname); - } - - if (strlen(match->oifname)) { - left -= snprintf(buf + strlen(buf), left, ",oif=%s", match->oifname); - } - - return buf; -} - -#endif /* __DPVS_MATCH_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/neigh.h b/tools/keepalived/keepalived/include/conf/neigh.h deleted file mode 100644 index 9bb74764a..000000000 --- a/tools/keepalived/keepalived/include/conf/neigh.h +++ /dev/null @@ -1,86 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -#ifndef __DPVS_ROUTE_CONF_H__ -#define __DPVS_ROUTE_CONF_H__ - -#include -#include -#include "inet.h" - -enum { - /* get */ - SOCKOPT_GET_NEIGH_SHOW = 600, - - /* set */ - SOCKOPT_SET_NEIGH_ADD, - SOCKOPT_SET_NEIGH_DEL, -}; - -enum { - DPVS_NUD_S_NONE = 0, - DPVS_NUD_S_SEND, - DPVS_NUD_S_REACHABLE, - DPVS_NUD_S_PROBE, - DPVS_NUD_S_DELAY, - DPVS_NUD_S_MAX /*Reserved*/ -}; - -struct dp_vs_neigh_conf { - int af; - uint8_t flag; - uint32_t state; - union inet_addr ip_addr; - struct ether_addr eth_addr; - uint32_t que_num; - char ifname[IFNAMSIZ]; - uint8_t cid; -}__attribute__((__packed__)); - -struct dp_vs_neigh_conf_array { - int neigh_nums; - struct dp_vs_neigh_conf addrs[0]; -}__attribute__((__packed__)); - -#define sNNO DPVS_NUD_S_NONE -#define sNSD DPVS_NUD_S_SEND -#define sNRE DPVS_NUD_S_REACHABLE -#define sNPR DPVS_NUD_S_PROBE -#define sNDE DPVS_NUD_S_DELAY - -#define DPVS_NUD_S_KEEP DPVS_NUD_S_MAX -#define sNKP DPVS_NUD_S_KEEP /*Keep state and do not reset timer*/ - -static const char *nud_state_names[] = { - [DPVS_NUD_S_NONE] = "NONE", - [DPVS_NUD_S_SEND] = "SEND", - [DPVS_NUD_S_REACHABLE] = "REACHABLE", - [DPVS_NUD_S_PROBE] = "PROBE", - [DPVS_NUD_S_DELAY] = "DELAY", -}; - -static inline const char *nud_state_name(int state) -{ - if (state >= DPVS_NUD_S_KEEP) - return "ERR!"; - return nud_state_names[state] ? nud_state_names[state] :""; -} - -#define NEIGHBOUR_HASHED 0x01 -#define NEIGHBOUR_STATIC 0x02 - -#endif diff --git a/tools/keepalived/keepalived/include/conf/netif.h b/tools/keepalived/keepalived/include/conf/netif.h deleted file mode 100644 index ed4e6c813..000000000 --- a/tools/keepalived/keepalived/include/conf/netif.h +++ /dev/null @@ -1,281 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -#ifndef __NETIF_CONF_H__ -#define __NETIF_CONF_H__ -#include -#include - -#define NETIF_MAX_PORTS 4096 - -/*** type from dpdk.h *** - * All types defined here must be the same as in dpdk.h, - * error would occur otherwise */ - -#define RTE_ETHDEV_QUEUE_STAT_CNTRS 16 -#define NETIF_MAX_BOND_SLAVES 32 - -typedef uint8_t lcoreid_t; -typedef uint16_t portid_t; -typedef uint16_t queueid_t; - -/*** end of type from dpdk.h ***/ - -enum { - /* get */ - SOCKOPT_NETIF_GET_LCORE_MASK = 500, - SOCKOPT_NETIF_GET_LCORE_BASIC, - SOCKOPT_NETIF_GET_LCORE_STATS, - SOCKOPT_NETIF_GET_PORT_LIST, - SOCKOPT_NETIF_GET_PORT_BASIC, - SOCKOPT_NETIF_GET_PORT_STATS, - SOCKOPT_NETIF_GET_PORT_EXT_INFO, - SOCKOPT_NETIF_GET_BOND_STATUS, - SOCKOPT_NETIF_GET_MAX, - /* set */ - SOCKOPT_NETIF_SET_LCORE = 500, - SOCKOPT_NETIF_SET_PORT, - SOCKOPT_NETIF_SET_BOND, - SOCKOPT_NETIF_SET_MAX, -}; - -/* all lcores in use */ -typedef struct netif_lcore_mask_get -{ - lcoreid_t master_lcore_id; - uint8_t slave_lcore_num; - uint8_t isol_rx_lcore_num; - uint64_t slave_lcore_mask; - uint64_t isol_rx_lcore_mask; -} netif_lcore_mask_get_t; - -/* basic lcore info specified by lcore_id */ -typedef struct netif_lcore_basic_get -{ - lcoreid_t lcore_id; - uint8_t socket_id; - uint32_t queue_data_len; - char queue_data[0]; -} netif_lcore_basic_get_t; - -/* statistics info of lcore_id */ -typedef struct netif_lcore_stats_get -{ - lcoreid_t lcore_id; - uint64_t lcore_loop; - uint64_t pktburst; - uint64_t zpktburst; - uint64_t fpktburst; - uint64_t z2hpktburst; - uint64_t h2fpktburst; - uint64_t ipackets; - uint64_t ibytes; - uint64_t opackets; - uint64_t obytes; - uint64_t dropped; // software packet drop -} netif_lcore_stats_get_t; - -struct port_id_name -{ - portid_t id; - char name[IFNAMSIZ]; -} __attribute__((__packed__)); - -/* all nics in use */ -typedef struct netif_nic_list_get -{ - uint16_t nic_num; - portid_t phy_pid_base; - portid_t phy_pid_end; - portid_t bond_pid_base; - portid_t bond_pid_end; - struct port_id_name idname[0]; -} netif_nic_list_get_t; - -/* basic nic info specified by port_id */ -typedef struct netif_nic_basic_get -{ - portid_t port_id; - char name[32]; - uint8_t nrxq; - uint8_t ntxq; - char addr[32]; - uint8_t socket_id; - uint16_t mtu; - uint32_t link_speed; /* ETH_SPEED_NUM_ */ - char link_status[16]; - char link_duplex[16]; - char link_autoneg[16]; - uint16_t promisc:1; /* promiscuous mode */ - uint16_t fwd2kni:1; - uint16_t tc_egress:1; - uint16_t tc_ingress:1; - uint16_t ol_rx_ip_csum:1; - uint16_t ol_tx_ip_csum:1; - uint16_t ol_tx_tcp_csum:1; - uint16_t ol_tx_udp_csum:1; -} netif_nic_basic_get_t; - -/* nic statistics specified by port_id */ -typedef struct netif_nic_stats_get { - portid_t port_id; - uint32_t mbuf_avail;/* Number of available mbuf in pktmempool */ - uint32_t mbuf_inuse;/* Number of used mbuf in pktmempool */ - uint64_t ipackets; /* Total number of successfully received packets. */ - uint64_t opackets; /* Total number of successfully transmitted packets.*/ - uint64_t ibytes; /* Total number of successfully received bytes. */ - uint64_t obytes; /* Total number of successfully transmitted bytes. */ - uint64_t imissed; - /* Total of RX packets dropped by the HW, - * because there are no available mbufs (i.e. RX queues are full). */ - uint64_t ierrors; /* Total number of erroneous received packets. */ - uint64_t oerrors; /* Total number of failed transmitted packets. */ - uint64_t rx_nombuf; /* Total number of RX mbuf allocation failures. */ - uint64_t q_ipackets[RTE_ETHDEV_QUEUE_STAT_CNTRS]; - /* Total number of queue RX packets. */ - uint64_t q_opackets[RTE_ETHDEV_QUEUE_STAT_CNTRS]; - /* Total number of queue TX packets. */ - uint64_t q_ibytes[RTE_ETHDEV_QUEUE_STAT_CNTRS]; - /* Total number of successfully received queue bytes. */ - uint64_t q_obytes[RTE_ETHDEV_QUEUE_STAT_CNTRS]; - /* Total number of successfully transmitted queue bytes. */ - uint64_t q_errors[RTE_ETHDEV_QUEUE_STAT_CNTRS]; - /* Total number of queue packets received that are dropped. */ -} netif_nic_stats_get_t; - -/* dev info specified by port_id */ -struct netif_nic_dev_get -{ - char pci_addr[32]; /* pci address */ - char driver_name[32]; /* device driver name */ - uint32_t if_index; /* index to bound host interface, or 0 if none */ - uint32_t min_rx_bufsize; /* minimum size of RX buffer */ - uint32_t max_rx_pktlen; /* maximum configurable length of RX pkt */ - uint16_t max_rx_queues; /* maximum number of RX queues */ - uint16_t max_tx_queues; /* maximum number of TX queues */ - uint32_t max_mac_addrs; /* maximum number of MAC addressses */ - uint32_t max_hash_mac_addrs; /* maximum number of hash MAC addresses for MTA and UTA */ - uint16_t max_vfs; /* maximum unmber of VFs */ - uint16_t max_vmdq_pools;/* maximum number of VMDq pools */ - uint32_t rx_offload_capa; /* device RX offload capabilities */ - uint32_t tx_offload_capa; /* device TX offload capabilities */ - uint32_t reta_size; /* device redirection table size ,the toatal number of entries */ - uint8_t hash_key_size; /* Hash key size in bytes */ - uint64_t flow_type_rss_offloads; - /* bit mask of RSS offloads, the bit offset also means flow type*/ - uint16_t vmdq_queue_base; /* first queue ID for VMDQ pools */ - uint16_t vmdq_queue_num; /* queue number ofr VMDQ pools */ - uint16_t vmdq_pool_base; /* first ID of VMDQ pools */ - uint16_t rx_desc_lim_nb_max; /* max allowed number of rx descriptors */ - uint16_t rx_desc_lim_nb_min; /* min allowed number of rx descriptors */ - uint16_t rx_desc_lim_nb_align; /* number of rx desciptors should be aligned to */ - uint16_t tx_desc_lim_nb_max; /* max allowed number of tx descriptors */ - uint16_t tx_desc_lim_nb_min; /* min allowed number of tx descriptors */ - uint16_t tx_desc_lim_nb_align; /* number of tx desciptors should be aligned to */ - uint32_t speed_capa; /* supported speed bitmap (ETH_LINK_SPEED_) */ -} __attribute__((__packed__)); - -struct netif_nic_conf_queues -{ - size_t data_offset; - size_t data_len; -} __attribute__((__packed__)); - -struct netif_mc_list_conf { - size_t data_offset; - size_t data_len; - int naddr; -} __attribute__((__packed__)); - -typedef struct netif_nic_ext_get -{ - portid_t port_id; - struct netif_nic_dev_get dev_info; - struct netif_nic_conf_queues cfg_queues; - struct netif_mc_list_conf mc_list; - size_t datalen; - char data[0]; /* data string format: cfg_queues\0mc_list\0 */ -} netif_nic_ext_get_t; - -struct bond_slave_node { - char name[32]; - char macaddr[32]; - int is_active; - int is_primary; -}; - -typedef struct netif_bond_status_get { - int mode; - int slave_nb; - int active_nb; - struct bond_slave_node slaves[NETIF_MAX_BOND_SLAVES]; - char macaddr[32]; - char xmit_policy[32]; - int link_monitor_interval; - int link_down_prop_delay; - int link_up_prop_delay; -} netif_bond_status_get_t; - -/* lcore configure struct */ -typedef struct netif_lcore_set { - lcoreid_t cid; -} netif_lcore_set_t; - -/* port configure struct */ -typedef struct netif_nic_set { - char pname[32]; - char macaddr[18]; - uint16_t promisc_on:1; - uint16_t promisc_off:1; - uint16_t link_status_up:1; - uint16_t link_status_down:1; - uint16_t forward2kni_on:1; - uint16_t forward2kni_off:1; - uint16_t tc_egress_on:1; - uint16_t tc_egress_off:1; - uint16_t tc_ingress_on:1; - uint16_t tc_ingress_off:1; -} netif_nic_set_t; - -typedef struct netif_bond_set { - char name[32]; - union { - int mode; - char slave[32]; - char primary[32]; - char xmit_policy[32]; - int link_monitor_interval; - int link_down_prop; - int link_up_prop; - } param; - enum { - ACT_ADD = 1, - ACT_DEL, - ACT_SET, - } act; - enum { - OPT_MODE = 1, - OPT_SLAVE, - OPT_PRIMARY, - OPT_XMIT_POLICY, - OPT_LINK_MONITOR_INTERVAL, - OPT_LINK_DOWN_PROP, - OPT_LINK_UP_PROP, - } opt; -} netif_bond_set_t; - -#endif diff --git a/tools/keepalived/keepalived/include/conf/route.h b/tools/keepalived/keepalived/include/conf/route.h deleted file mode 100644 index b6faebe91..000000000 --- a/tools/keepalived/keepalived/include/conf/route.h +++ /dev/null @@ -1,79 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -/** - * Note: control plane only - * based on dpvs_sockopt. - */ -#ifndef __DPVS_ROUTE_CONF_H__ -#define __DPVS_ROUTE_CONF_H__ -#include "inet.h" -#include "net/if.h" - -enum { - /* set */ - SOCKOPT_SET_ROUTE_ADD = 300, - SOCKOPT_SET_ROUTE_DEL, - SOCKOPT_SET_ROUTE_SET, - SOCKOPT_SET_ROUTE_FLUSH, - - /* get */ - SOCKOPT_GET_ROUTE_SHOW, -}; - -enum { - ROUTE_CF_SCOPE_NONE = 0, - ROUTE_CF_SCOPE_HOST, - ROUTE_CF_SCOPE_KNI, - ROUTE_CF_SCOPE_LINK, - ROUTE_CF_SCOPE_GLOBAL, -}; - -enum { - ROUTE_CF_PROTO_AUTO = 0, - ROUTE_CF_PROTO_BOOT, - ROUTE_CF_PROTO_STATIC, - ROUTE_CF_PROTO_RA, - ROUTE_CF_PROTO_REDIRECT, -}; - -enum { - ROUTE_CF_FLAG_ONLINK, -}; - -struct dp_vs_route_conf { - int af; - union inet_addr dst; /* all-zero for default */ - uint8_t plen; /* prefix length */ - union inet_addr via; - union inet_addr src; - char ifname[IFNAMSIZ]; - uint32_t mtu; - uint8_t tos; - uint8_t scope; - uint8_t metric; - uint8_t proto; /* routing protocol */ - uint32_t flags; - int32_t outwalltb; -} __attribute__((__packed__)); - -struct dp_vs_route_conf_array { - int nroute; - struct dp_vs_route_conf routes[0]; -} __attribute__((__packed__)); - -#endif /* __DPVS_ROUTE_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/route6.h b/tools/keepalived/keepalived/include/conf/route6.h deleted file mode 100644 index b85dee151..000000000 --- a/tools/keepalived/keepalived/include/conf/route6.h +++ /dev/null @@ -1,56 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2018 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ - -#ifndef __DPVS_ROUTE6_CONF_H__ -#define __DPVS_ROUTE6_CONF_H__ - -#include "flow.h" - -enum { - /* set */ - SOCKOPT_SET_ROUTE6_ADD_DEL = 6300, - SOCKOPT_SET_ROUTE6_FLUSH, - - /* get */ - SOCKOPT_GET_ROUTE6_SHOW = 6300, -}; - -enum { - RT6_OPS_GET = 1, - RT6_OPS_ADD, - RT6_OPS_DEL, - RT6_OPS_FLUSH, -}; - -struct dp_vs_route6_conf { - int ops; - struct rt6_prefix dst; - struct rt6_prefix src; - struct rt6_prefix prefsrc; - char ifname[IFNAMSIZ]; - struct in6_addr gateway; - uint32_t mtu; - uint32_t flags; -} __attribute__((__packed__)); - -struct dp_vs_route6_conf_array { - int nroute; - struct dp_vs_route6_conf routes[0]; -} __attribute__((__packed__)); - -#endif /* __DPVS_ROUTE6_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/service.h b/tools/keepalived/keepalived/include/conf/service.h deleted file mode 100644 index 741fc0cac..000000000 --- a/tools/keepalived/keepalived/include/conf/service.h +++ /dev/null @@ -1,139 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -#ifndef __DPVS_SVC_CONF_H__ -#define __DPVS_SVC_CONF_H__ - -#include -#include -#include "inet.h" -#include "conf/match.h" -#include "conf/stats.h" -#include "conf/dest.h" - -#define DP_VS_SCHEDNAME_MAXLEN 16 - -struct dp_vs_service_conf { - /* virtual service addresses */ - uint16_t af; - uint16_t protocol; - union inet_addr addr; /* virtual ip address */ - uint16_t port; - uint32_t fwmark; /* firwall mark of service */ - struct dp_vs_match match; - - /* virtual service options */ - char *sched_name; - unsigned flags; /* virtual service flags */ - unsigned timeout; /* persistent timeout in sec */ - unsigned conn_timeout; - uint32_t netmask; /* persistent netmask */ - unsigned bps; - unsigned limit_proportion; -}; - -struct dp_vs_service_entry { - int af; - uint16_t proto; - union inet_addr addr; - uint16_t port; - uint32_t fwmark; - - char sched_name[DP_VS_SCHEDNAME_MAXLEN]; - unsigned flags; - unsigned timeout; - unsigned conn_timeout; - uint32_t netmask; - unsigned bps; - unsigned limit_proportion; - - unsigned int num_dests; - unsigned int num_laddrs; - lcoreid_t cid; - - struct dp_vs_stats stats; - - char srange[256]; - char drange[256]; - char iifname[IFNAMSIZ]; - char oifname[IFNAMSIZ]; -}; - -struct dp_vs_get_services { - lcoreid_t cid; - unsigned int num_services; - struct dp_vs_service_entry entrytable[0]; -}; - -struct dp_vs_service_user { - int af; - uint16_t proto; - union inet_addr addr; - uint16_t port; - uint32_t fwmark; - - char sched_name[DP_VS_SCHEDNAME_MAXLEN]; - unsigned flags; - unsigned timeout; - unsigned conn_timeout; - uint32_t netmask; - unsigned bps; - unsigned limit_proportion; - - char srange[256]; - char drange[256]; - char iifname[IFNAMSIZ]; - char oifname[IFNAMSIZ]; -}; - -struct dp_vs_getinfo { - unsigned int version; - unsigned int size; - unsigned int num_services; - unsigned int num_lcores; -}; - -enum{ - DPVS_SO_SET_FLUSH = 200, - DPVS_SO_SET_ZERO, - DPVS_SO_SET_ADD, - DPVS_SO_SET_EDIT, - DPVS_SO_SET_DEL, - DPVS_SO_SET_ADDDEST, - DPVS_SO_SET_EDITDEST, - DPVS_SO_SET_DELDEST, - DPVS_SO_SET_GRATARP, -}; - -enum{ - DPVS_SO_GET_VERSION = 200, - DPVS_SO_GET_INFO, - DPVS_SO_GET_SERVICES, - DPVS_SO_GET_SERVICE, - DPVS_SO_GET_DESTS, -}; - - -#define SOCKOPT_SVC_BASE DPVS_SO_SET_FLUSH -#define SOCKOPT_SVC_SET_CMD_MAX DPVS_SO_SET_GRATARP -#define SOCKOPT_SVC_GET_CMD_MAX DPVS_SO_GET_DESTS -#define SOCKOPT_SVC_MAX 299 - -#define MAX_ARG_LEN (sizeof(struct dp_vs_service_user) + \ - sizeof(struct dp_vs_dest_user)) - -#endif /* __DPVS_SVC_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/stats.h b/tools/keepalived/keepalived/include/conf/stats.h deleted file mode 100644 index a6cfbb044..000000000 --- a/tools/keepalived/keepalived/include/conf/stats.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -#ifndef __DPVS_STATS_CONF_H__ -#define __DPVS_STATS_CONF_H__ - -struct dp_vs_stats { - uint64_t conns; - uint64_t inpkts; - uint64_t inbytes; - uint64_t outpkts; - uint64_t outbytes; - - uint32_t cps; - uint32_t inpps; - uint32_t inbps; - uint32_t outpps; - uint32_t outbps; -}; - -#endif /* __DPVS_STATS_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/tc.h b/tools/keepalived/keepalived/include/conf/tc.h deleted file mode 100644 index 16d32d297..000000000 --- a/tools/keepalived/keepalived/include/conf/tc.h +++ /dev/null @@ -1,139 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -/** - * traffic control config. - * see iproute2 tc modules. - * - * raychen@qiyi.com, Aug. 2017, initial. - */ -#ifndef __DPVS_TC_CONF_H__ -#define __DPVS_TC_CONF_H__ - -#include -#include "tc/tc.h" -#include "tc/sch.h" -#include "tc/cls.h" - -typedef enum { - /* set */ - SOCKOPT_TC_ADD = 900, - SOCKOPT_TC_DEL, - SOCKOPT_TC_CHANGE, - SOCKOPT_TC_REPLACE, - - /* get */ - SOCKOPT_TC_SHOW = 900, -} tc_oper_t; - -typedef enum { - TC_OBJ_QSCH, - TC_OBJ_CLS, -} tc_obj_t; - -/** - * scheduler section - */ -struct tc_qsch_param { - tc_handle_t handle; - tc_handle_t where; /* TC_H_ROOT | TC_H_INGRESS | parent */ - char kind[TCNAMESIZ]; /* qsch type: bfifo, tbf, ... */ - - union { - struct tc_tbf_qopt tbf; - struct tc_fifo_qopt fifo; - struct tc_prio_qopt prio; /* pfifo_fast ... */ - } qopt; - - /* get only */ - struct qsch_qstats qstats; - struct qsch_bstats bstats; - - /* master only, to fill stats from workers. */ - struct qsch_qstats qstats_cpus[DPVS_MAX_LCORE]; - struct qsch_bstats bstats_cpus[DPVS_MAX_LCORE]; -} __attribute__((__packed__)); - -struct tc_qsch_stats { - struct qsch_qstats qstats; - struct qsch_bstats bstats; -} __attribute__((__packed__)); - -/** - * classifier section - */ -struct tc_cls_param { - tc_handle_t sch_id; /* ID of Qsch attached to */ - tc_handle_t handle; /* or class-id */ - char kind[TCNAMESIZ]; /* tc_cls type: "match", ... */ - __be16 pkt_type; /* ETH_P_XXX */ - int priority; - - union { - struct tc_cls_match_copt match; - } copt; -} __attribute__((__packed__)); - -/** - * general section - */ -union tc_param { - struct tc_qsch_param qsch; - struct tc_cls_param cls; -} __attribute__((__packed__)); - -struct tc_conf { - tc_obj_t obj; /* schedler, classifier, ... */ - char ifname[IFNAMSIZ]; - union tc_param param; /* object specific parameters */ -} __attribute__((__packed__)); - -static inline tc_handle_t tc_handle_atoi(const char *handle) -{ - uint32_t maj, min; - - if (sscanf(handle, "%x:%x", &maj, &min) == 2) - return (maj << 16) | min; - - if (sscanf(handle, "%x:", &maj) == 1) - return (maj << 16); - - return TC_H_UNSPEC; -} - -static inline char *tc_handle_itoa(tc_handle_t handle, char *buf, size_t size) -{ - switch (handle) { - case TC_H_ROOT: - snprintf(buf, size, "%s", "root"); - break; - case TC_H_INGRESS: - snprintf(buf, size, "%s", "ingress"); - break; - default: - if (TC_H_MIN(handle)) - snprintf(buf, size, "%x:%x", - TC_H_MAJ(handle) >> 16, TC_H_MIN(handle)); - else - snprintf(buf, size, "%x:", TC_H_MAJ(handle) >> 16); - break; - } - - return buf; -} - -#endif /* __DPVS_TC_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/conf/vlan.h b/tools/keepalived/keepalived/include/conf/vlan.h deleted file mode 100644 index d4b9d6841..000000000 --- a/tools/keepalived/keepalived/include/conf/vlan.h +++ /dev/null @@ -1,46 +0,0 @@ -/* - * DPVS is a software load balancer (Virtual Server) based on DPDK. - * - * Copyright (C) 2017 iQIYI (www.iqiyi.com). - * All Rights Reserved. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -#ifndef __DPVS_VLAN_CONF_H__ -#define __DPVS_VLAN_CONF_H__ -#include -#include -#include "vlan.h" - -enum { - /* set */ - SOCKOPT_SET_VLAN_ADD = 800, - SOCKOPT_SET_VLAN_DEL, - - /* get */ - SOCKOPT_GET_VLAN_SHOW, -}; - -struct vlan_param { - char real_dev[IFNAMSIZ]; /* underlying device name */ - char ifname[IFNAMSIZ]; /* vlan device name, e.g., dpdk0.100 - leave it empty auto-generate when add. */ - uint16_t vlan_proto; /* ETH_P_8021Q ... */ - uint16_t vlan_id; /* host byte order */ -} __attribute__((__packed__)); - -struct vlan_param_array { - int nparam; - struct vlan_param params[0]; -}; - -#endif /* __DPVS_VLAN_CONF_H__ */ diff --git a/tools/keepalived/keepalived/include/ip_vs.h b/tools/keepalived/keepalived/include/ip_vs.h index cd2bef2e6..6d9c51fee 100644 --- a/tools/keepalived/keepalived/include/ip_vs.h +++ b/tools/keepalived/keepalived/include/ip_vs.h @@ -21,15 +21,19 @@ #include "dp_vs.h" +///////////////////////////////////////////////////////////////////////////////////////// +// +// Part1. headers derived from "linux/ip_vs.h" +// +///////////////////////////////////////////////////////////////////////////////////////// + #define IP_VS_VERSION_CODE 0x010201 #define NVERSION(version) \ (version >> 16) & 0xFF, \ (version >> 8) & 0xFF, \ version & 0xFF -/* - * * Virtual Service Flags - * */ +/* Virtual Service Flags */ #define IP_VS_SVC_F_PERSISTENT 0x0001 /* persistent port */ #define IP_VS_SVC_F_HASHED 0x0002 /* hashed entry */ #define IP_VS_SVC_F_ONEPACKET 0x0004 /* one-packet scheduling */ @@ -44,22 +48,17 @@ #define IP_VS_SVC_F_SCHED_SH_FALLBACK IP_VS_SVC_F_SCHED1 /* SH fallback */ #define IP_VS_SVC_F_SCHED_SH_PORT IP_VS_SVC_F_SCHED2 /* SH use port */ -/* - * * Destination Server Flags - * */ + +/* Destination Server Flags */ #define IP_VS_DEST_F_AVAILABLE 0x0001 /* server is available */ #define IP_VS_DEST_F_OVERLOAD 0x0002 /* server is overloaded */ -/* - * * IPVS sync daemon states - * */ +/* IPVS sync daemon states */ #define IP_VS_STATE_NONE 0x0000 /* daemon is stopped */ #define IP_VS_STATE_MASTER 0x0001 /* started as master */ #define IP_VS_STATE_BACKUP 0x0002 /* started as backup */ -/* - * * IPVS socket options - * */ +/* IPVS socket options */ #define IP_VS_BASE_CTL (64+1024+64) /* base */ #define IP_VS_SO_SET_NONE IP_VS_BASE_CTL /* just peek */ @@ -84,7 +83,7 @@ #define IP_VS_SO_SET_DELBLKLST (IP_VS_BASE_CTL+19) #define IP_VS_SO_SET_ADDTUNNEL (IP_VS_BASE_CTL+20) #define IP_VS_SO_SET_DELTUNNEL (IP_VS_BASE_CTL+21) -#define IP_VS_SO_SET_MAX IP_VS_SO_SET_DELBLKLST +#define IP_VS_SO_SET_MAX IP_VS_SO_SET_DELTUNNEL #define IP_VS_SO_GET_VERSION IP_VS_BASE_CTL #define IP_VS_SO_GET_INFO (IP_VS_BASE_CTL+1) @@ -97,11 +96,10 @@ #define IP_VS_SO_GET_LADDRS (IP_VS_BASE_CTL+8) #define IP_VS_SO_GET_MAX IP_VS_SO_GET_LADDRS - /* - * * IPVS Connection Flags - * * Only flags 0..15 are sent to backup server - * */ + * IPVS Connection Flags + * Only flags 0..15 are sent to backup server + */ #define IP_VS_CONN_F_FWD_MASK 0x0007 /* mask for the fwd methods */ #define IP_VS_CONN_F_MASQ 0x0000 /* masquerading/NAT */ #define IP_VS_CONN_F_LOCALNODE 0x0001 /* local node */ @@ -148,40 +146,26 @@ #define IP_VS_IFNAME_MAXLEN 16 #define IP_VS_PEDATA_MAXLEN 255 -struct ip_vs_service_kern { - /* virtual service addresses */ - u_int16_t protocol; - __be32 __addr_v4; /* virtual ip address */ - __be16 port; - u_int32_t fwmark; /* firwall mark of service */ - - /* virtual service options */ - char sched_name[IP_VS_SCHEDNAME_MAXLEN]; - unsigned flags; /* virtual service flags */ - unsigned timeout; /* persistent timeout in sec */ - unsigned conn_timeout; - __be32 netmask; /* persistent netmask */ - unsigned bps; - unsigned limit_proportion; - - char srange[256]; - char drange[256]; - char iifname[IFNAMSIZ]; - char oifname[IFNAMSIZ]; -}; +struct ip_vs_service_user { + /* virtual service addresses */ + u_int16_t protocol; + __be32 __addr_v4; /* virtual ip address */ + __be16 port; + u_int32_t fwmark; /* firwall mark of service */ -struct ip_vs_dest_kern { - /* destination server address */ - __be32 addr; - __be16 port; + /* virtual service options */ + char sched_name[IP_VS_SCHEDNAME_MAXLEN]; + unsigned flags; /* virtual service flags */ + unsigned timeout; /* persistent timeout in sec */ + unsigned conn_timeout; + __be32 netmask; /* persistent netmask */ + unsigned bps; + unsigned limit_proportion; - /* real server options */ - unsigned conn_flags; /* connection flags */ - int weight; /* destination weight */ - - /* thresholds for active connections */ - u_int32_t u_threshold; /* upper threshold */ - u_int32_t l_threshold; /* lower threshold */ + char srange[256]; + char drange[256]; + char iifname[IFNAMSIZ]; + char oifname[IFNAMSIZ]; }; struct ip_vs_dest_user { @@ -198,17 +182,13 @@ struct ip_vs_dest_user { __u32 l_threshold; /* lower threshold */ }; - -struct ip_vs_laddr_kern { - __be32 addr; -}; - struct ip_vs_laddr_user { __be32 __addr_v4; u_int16_t af; union nf_inet_addr addr; char ifname[IFNAMSIZ]; }; + struct ip_vs_blklst_user { __be32 __addr_v4; u_int16_t af; @@ -223,14 +203,12 @@ struct ip_vs_tunnel_user { union nf_inet_addr raddr; }; -/* - * * IPVS statistics object (for user space) - * */ +/* IPVS statistics object (for user space) */ struct ip_vs_stats_user { __u64 conns; /* connections scheduled */ __u64 inpkts; /* incoming packets */ - __u64 outpkts; /* outgoing packets */ __u64 inbytes; /* incoming bytes */ + __u64 outpkts; /* outgoing packets */ __u64 outbytes; /* outgoing bytes */ __u32 cps; /* current connection rate */ @@ -252,27 +230,6 @@ struct ip_vs_getinfo { unsigned int num_services; }; -/* The argument to IP_VS_SO_GET_SERVICE */ -struct ip_vs_service_entry_kern { - /* which service: user fills in these */ - u_int16_t protocol; - __be32 addr; /* virtual address */ - __be16 port; - u_int32_t fwmark; /* firwall mark of service */ - - /* service options */ - char sched_name[IP_VS_SCHEDNAME_MAXLEN]; - unsigned flags; /* virtual service flags */ - unsigned timeout; /* persistent timeout */ - unsigned conn_timeout; - __be32 netmask; /* persistent netmask */ - unsigned bps; - unsigned limit_proportion; - - /* number of lcores*/ - unsigned int num_lcores; -}; - /* The argument to IP_VS_SO_GET_SERVICE */ struct ip_vs_service_entry { /* which service: user fills in these */ @@ -303,23 +260,6 @@ struct ip_vs_service_entry { char oifname[IFNAMSIZ]; }; -struct ip_vs_dest_entry_kern { - __be32 addr; /* destination address */ - __be16 port; - unsigned conn_flags; /* connection flags */ - int weight; /* destination weight */ - - u_int32_t u_threshold; /* upper threshold */ - u_int32_t l_threshold; /* lower threshold */ - - u_int32_t activeconns; /* active connections */ - u_int32_t inactconns; /* inactive connections */ - u_int32_t persistconns; /* persistent connections */ - - /* statistics */ - struct ip_vs_stats_user stats; -}; - struct ip_vs_dest_entry { __be32 __addr_v4; /* destination address */ __be16 port; @@ -332,12 +272,9 @@ struct ip_vs_dest_entry { __u32 activeconns; /* active connections */ __u32 inactconns; /* inactive connections */ __u32 persistconns; /* persistent connections */ -}; -struct ip_vs_laddr_entry_kern { - __be32 __addr_v4; /* local address - internal use only */ - u_int64_t port_conflict; /* conflict counts */ - u_int32_t conn_counts; /* current connects */ + /* statistics */ + struct ip_vs_stats_user stats; }; struct ip_vs_laddr_entry { @@ -364,41 +301,6 @@ struct ip_vs_get_laddrs { struct ip_vs_laddr_entry entrytable[0]; }; -/* The argument to IP_VS_SO_GET_DESTS */ -struct ip_vs_get_dests_kern { - /* which service: user fills in these */ - u_int16_t protocol; - __be32 addr; /* virtual address - internal use only */ - __be16 port; - u_int32_t fwmark; /* firwall mark of service */ - - /* number of real servers */ - unsigned int num_dests; - - char srange[256]; - char drange[256]; - char iifname[IFNAMSIZ]; - char oifname[IFNAMSIZ]; - - /* the real servers */ - struct ip_vs_dest_entry_kern entrytable[0]; -}; - -/* The argument to IP_VS_SO_GET_DESTS */ -struct ip_vs_get_dests { - /* which service: user fills in these */ - __u16 protocol; - __be32 addr; /* virtual address */ - __be16 port; - __u32 fwmark; /* firwall mark of service */ - - /* number of real servers */ - unsigned int num_dests; - - /* the real servers */ - struct ip_vs_dest_entry entrytable[0]; -}; - /* The argument to IP_VS_SO_GET_SERVICES */ struct ip_vs_get_services { /* number of virtual services */ @@ -415,7 +317,6 @@ struct ip_vs_timeout_user { int udp_timeout; }; - /* The argument to IP_VS_SO_GET_DAEMON */ struct ip_vs_daemon_user { /* sync daemon state (master/backup) */ @@ -435,10 +336,10 @@ struct ip_vs_daemon_user { #define IPADDRESS_ADD 1 /* - * * - * * IPVS Generic Netlink interface definitions - * * - * */ + * + * IPVS Generic Netlink interface definitions + * + */ /* Generic Netlink family info */ @@ -497,10 +398,10 @@ enum { #define IPVS_CMD_ATTR_MAX (__IPVS_SVC_ATTR_MAX - 1) /* - * * Attributes used to describe a service - * * - * * Used inside nested attribute IPVS_CMD_ATTR_SERVICE - * */ + * Attributes used to describe a service + * + * Used inside nested attribute IPVS_CMD_ATTR_SERVICE + */ enum { IPVS_SVC_ATTR_UNSPEC = 0, IPVS_SVC_ATTR_AF, /* address family */ @@ -524,10 +425,10 @@ enum { #define IPVS_SVC_ATTR_MAX (__IPVS_SVC_ATTR_MAX - 1) /* - * * Attributes used to describe a destination (real server) - * * - * * Used inside nested attribute IPVS_CMD_ATTR_DEST - * */ + * Attributes used to describe a destination (real server) + * + * Used inside nested attribute IPVS_CMD_ATTR_DEST + */ enum { IPVS_DEST_ATTR_UNSPEC = 0, IPVS_DEST_ATTR_ADDR, /* real server address */ @@ -550,10 +451,10 @@ enum { #define IPVS_DEST_ATTR_MAX (__IPVS_DEST_ATTR_MAX - 1) /* - * * Attributes describing a sync daemon - * * - * * Used inside nested attribute IPVS_CMD_ATTR_DAEMON - * */ + * Attributes describing a sync daemon + * + * Used inside nested attribute IPVS_CMD_ATTR_DAEMON + */ enum { IPVS_DAEMON_ATTR_UNSPEC = 0, IPVS_DAEMON_ATTR_STATE, /* sync daemon state (master/backup) */ @@ -565,10 +466,10 @@ enum { #define IPVS_DAEMON_ATTR_MAX (__IPVS_DAEMON_ATTR_MAX - 1) /* - * * Attributes used to describe service or destination entry statistics - * * - * * Used inside nested attributes IPVS_SVC_ATTR_STATS and IPVS_DEST_ATTR_STATS - * */ + * Attributes used to describe service or destination entry statistics + * + * Used inside nested attributes IPVS_SVC_ATTR_STATS and IPVS_DEST_ATTR_STATS + */ enum { IPVS_STATS_ATTR_UNSPEC = 0, IPVS_STATS_ATTR_CONNS, /* connections scheduled */ @@ -597,6 +498,13 @@ enum { #define IPVS_INFO_ATTR_MAX (__IPVS_INFO_ATTR_MAX - 1) + +///////////////////////////////////////////////////////////////////////////////////////// +// +// Part2. headers derived from "keepalived/include/ip_vs.h" +// +///////////////////////////////////////////////////////////////////////////////////////// + #ifdef _WITH_LVS_64BIT_STATS_ struct ip_vs_stats64 { __u64 conns; /* connections scheduled */ @@ -617,7 +525,7 @@ typedef struct ip_vs_stats_user ip_vs_stats_t; #endif struct ip_vs_service_app { - struct ip_vs_service_kern user; + struct ip_vs_service_user user; uint16_t af; union nf_inet_addr nf_addr; char pe_name[IP_VS_PENAME_MAXLEN]; @@ -636,7 +544,6 @@ struct ip_vs_dest_app { #endif }; - struct ip_vs_service_entry_app { struct ip_vs_service_entry user; ip_vs_stats_t stats; diff --git a/tools/keepalived/keepalived/include/libipvs.h b/tools/keepalived/keepalived/include/libipvs.h index e211f8751..074b0854c 100644 --- a/tools/keepalived/keepalived/include/libipvs.h +++ b/tools/keepalived/keepalived/include/libipvs.h @@ -41,7 +41,7 @@ #define OPT_IFNAME 0x4000000 #define OPT_SOCKPAIR 0x8000000 #define OPT_HASHTAG 0x10000000 -#define NUMBER_OF_OPT 30 //opt cid is not defined above +#define NUMBER_OF_OPT 30 #define MINIMUM_IPVS_VERSION_MAJOR 1 #define MINIMUM_IPVS_VERSION_MINOR 1 @@ -69,10 +69,10 @@ typedef struct ip_vs_daemon_app ipvs_daemon_t; typedef struct ip_vs_service_entry_app ipvs_service_entry_t; typedef struct ip_vs_dest_entry_app ipvs_dest_entry_t; typedef struct ip_vs_laddr_user ipvs_laddr_t; -typedef struct ip_vs_blklst_user ipvs_blklst_t; +typedef struct ip_vs_blklst_user ipvs_blklst_t; typedef struct ip_vs_tunnel_user ipvs_tunnel_t; typedef struct ip_vs_laddr_entry ipvs_laddr_entry_t; -typedef struct ip_vs_blklst_entry ipvs_blklst_entry_t; +typedef struct ip_vs_blklst_entry ipvs_blklst_entry_t; /* init socket and get ipvs info */ @@ -111,7 +111,7 @@ extern int ipvs_update_dest(ipvs_service_t *svc, ipvs_dest_t *dest); /* remove a destination server from a service */ extern int ipvs_del_dest(ipvs_service_t *svc, ipvs_dest_t *dest); -extern struct ip_vs_conn_array* ip_vs_get_conns(const struct ip_vs_conn_req *req); +extern struct ip_vs_conn_array *ip_vs_get_conns(const struct ip_vs_conn_req *req); extern int ipvs_add_laddr(ipvs_service_t *svc, ipvs_laddr_t * laddr); extern int ipvs_del_laddr(ipvs_service_t *svc, ipvs_laddr_t * laddr); diff --git a/tools/keepalived/keepalived/include/vrrp_iproute.h b/tools/keepalived/keepalived/include/vrrp_iproute.h index 8f7a72183..27343e28e 100644 --- a/tools/keepalived/keepalived/include/vrrp_iproute.h +++ b/tools/keepalived/keepalived/include/vrrp_iproute.h @@ -185,9 +185,6 @@ enum ip_route { typedef struct _ip_route { ip_address_t *dst; ip_address_t *src; - uint8_t dmask; - ip_address_t *gw; /* RTA_GATEWAY */ - ip_address_t *gw2; /* Will use RTA_MULTIPATH */ ip_address_t *pref_src; uint8_t family; uint8_t tos; @@ -234,8 +231,7 @@ typedef struct _ip_route { bool ttl_propagate; #endif uint8_t type; - - char ifname[16]; + char ifname[16]; uint32_t realms; #if HAVE_DECL_RTA_ENCAP diff --git a/tools/keepalived/keepalived/vrrp/vrrp_iproute.c b/tools/keepalived/keepalived/vrrp/vrrp_iproute.c index a8ad926c7..f6e070916 100644 --- a/tools/keepalived/keepalived/vrrp/vrrp_iproute.c +++ b/tools/keepalived/keepalived/vrrp/vrrp_iproute.c @@ -302,99 +302,89 @@ add_nexthops(ip_route_t *route, struct nlmsghdr *nlh, struct rtmsg *rtm) * */ static int scope_n2dpvs(int scope) { - if (scope == 254) - return ROUTE_CF_SCOPE_HOST; - if (scope == 253) - return ROUTE_CF_SCOPE_LINK; - if (scope == 0) - return ROUTE_CF_SCOPE_GLOBAL; - return ROUTE_CF_SCOPE_GLOBAL; + if (scope == 254) + return ROUTE_CF_SCOPE_HOST; + if (scope == 253) + return ROUTE_CF_SCOPE_LINK; + if (scope == 0) + return ROUTE_CF_SCOPE_GLOBAL; + return ROUTE_CF_SCOPE_GLOBAL; } static int flag_n2dpvs(int scope) { - if (scope == 254) - return RTF_LOCALIN; - if (scope == 253) - return RTF_FORWARD; - return RTF_FORWARD; + if (scope == 254) + return RTF_LOCALIN; + if (scope == 253) + return RTF_FORWARD; + return RTF_FORWARD; } static void dpvs_fill_rt4conf(ip_route_t *iproute, struct dp_vs_route_conf *route_conf) { - route_conf->af = AF_INET; - (route_conf->dst).in = (iproute->dst->u).sin.sin_addr; - route_conf->plen = iproute->dmask; - - if (iproute->gw){ - (route_conf->via).in = (iproute->gw->u).sin.sin_addr; - } else { - (route_conf->via).in.s_addr = 0; - } - - if (iproute->src){ - (route_conf->src).in = (iproute->src->u).sin.sin_addr; - } else { - (route_conf->src).in.s_addr = 0; - } - - route_conf->scope = scope_n2dpvs(iproute->scope); - strcpy(route_conf->ifname, iproute->ifname); - route_conf->mtu = 0; - route_conf->metric = 0; + route_conf->af = AF_INET; + (route_conf->dst).in = (iproute->dst->u).sin.sin_addr; + route_conf->plen = iproute->dst->ifa.ifa_prefixlen; + + if (iproute->via){ + (route_conf->via).in = (iproute->via->u).sin.sin_addr; + } else { + (route_conf->via).in.s_addr = 0; + } + + if (iproute->pref_src){ + (route_conf->src).in = (iproute->pref_src->u).sin.sin_addr; + } else { + (route_conf->src).in.s_addr = 0; + } + + route_conf->scope = scope_n2dpvs(iproute->scope); + strncpy(route_conf->ifname, iproute->ifname, sizeof(route_conf->ifname)); + route_conf->mtu = 0; + route_conf->metric = 0; } static void dpvs_fill_rt6conf(ip_route_t *iproute, struct dp_vs_route6_conf *rt6_cfg) { - rt6_cfg->dst.addr = ((iproute->dst)->u).sin6_addr; - rt6_cfg->dst.plen = iproute->dmask; - rt6_cfg->src.plen = 128; - if (iproute->gw) { - rt6_cfg->gateway = (iproute->gw->u).sin6_addr; - } else { - memset(&rt6_cfg->gateway, 0, sizeof(rt6_cfg->gateway)); - } - - if (iproute->src) { - rt6_cfg->src.addr = (iproute->src->u).sin6_addr; - } else { - memset(&rt6_cfg->src, 0, sizeof(rt6_cfg->src)); - } - - rt6_cfg->flags |= flag_n2dpvs(iproute->scope); - strcpy(rt6_cfg->ifname, iproute->ifname); - rt6_cfg->mtu = 0; + rt6_cfg->dst.addr = ((iproute->dst)->u).sin6_addr; + rt6_cfg->dst.plen = iproute->dst->ifa.ifa_prefixlen; + rt6_cfg->src.plen = 128; + if (iproute->via) { + rt6_cfg->gateway = (iproute->via->u).sin6_addr; + } else { + memset(&rt6_cfg->gateway, 0, sizeof(rt6_cfg->gateway)); + } + + if (iproute->pref_src) { + rt6_cfg->src.addr = (iproute->pref_src->u).sin6_addr; + } else { + memset(&rt6_cfg->src, 0, sizeof(rt6_cfg->src)); + } + + rt6_cfg->flags |= flag_n2dpvs(iproute->scope); + strncpy(rt6_cfg->ifname, iproute->ifname, sizeof(rt6_cfg->ifname)); + rt6_cfg->mtu = 0; } static int netlink_route(ip_route_t *iproute, int cmd) { - char *tmp_dst,*tmp_src; - - tmp_dst = ipaddresstos(NULL, iproute->dst); - tmp_src = ipaddresstos(NULL, iproute->src); - - log_message(LOG_INFO, "ip route %d %s/%d src %s port %s scope %d", - cmd, tmp_dst, iproute->dmask, tmp_src, iproute->ifname, iproute->scope); - FREE(tmp_dst); - FREE(tmp_src); - - if (iproute->dst->ifa.ifa_family == AF_INET) { - struct dp_vs_route_conf *route_conf; - route_conf = (struct dp_vs_route_conf *)malloc(sizeof(struct dp_vs_route_conf)); - memset(route_conf, 0, sizeof(*route_conf)); - dpvs_fill_rt4conf(iproute, route_conf); - ipvs_set_route(route_conf, cmd); - free(route_conf); - } else { - struct dp_vs_route6_conf *rt6_cfg; - rt6_cfg = (struct dp_vs_route6_conf *)malloc(sizeof(struct dp_vs_route6_conf)); - memset(rt6_cfg, 0, sizeof(*rt6_cfg)); - dpvs_fill_rt6conf(iproute, rt6_cfg); - ipvs_set_route6(rt6_cfg, cmd); - free(rt6_cfg); - } - return 1; + if (iproute->dst->ifa.ifa_family == AF_INET) { + struct dp_vs_route_conf *route_conf; + route_conf = (struct dp_vs_route_conf *)malloc(sizeof(struct dp_vs_route_conf)); + memset(route_conf, 0, sizeof(*route_conf)); + dpvs_fill_rt4conf(iproute, route_conf); + ipvs_set_route(route_conf, cmd); + free(route_conf); + } else { + struct dp_vs_route6_conf *rt6_cfg; + rt6_cfg = (struct dp_vs_route6_conf *)malloc(sizeof(struct dp_vs_route6_conf)); + memset(rt6_cfg, 0, sizeof(*rt6_cfg)); + dpvs_fill_rt6conf(iproute, rt6_cfg); + ipvs_set_route6(rt6_cfg, cmd); + free(rt6_cfg); + } + return 1; } /* Add/Delete a list of IP routes */ @@ -581,8 +571,8 @@ format_iproute(const ip_route_t *route, char *buf, size_t buf_len) if (route->via) op += (size_t)snprintf(op, (size_t)(buf_end - op), " via %s %s", route->via->ifa.ifa_family == AF_INET6 ? "inet6" : "inet", ipaddresstos(NULL, route->via)); - if (route->oif) - op += (size_t)snprintf(op, (size_t)(buf_end - op), " dev %s", route->oif->ifname); + if (route->ifname[0]) + op += (size_t)snprintf(op, (size_t)(buf_end - op), " dev %s", route->ifname); if (route->table != RT_TABLE_MAIN) op += (size_t)snprintf(op, (size_t)(buf_end - op), " table %u", route->table); @@ -751,6 +741,7 @@ format_iproute(const ip_route_t *route, char *buf, size_t buf_len) if (route->track_group) op += (size_t)snprintf(op, (size_t)(buf_end - op), " track_group %s", route->track_group->gname); +#if 0 if (route->set && !route->dont_track && (!route->oif || route->oif->ifindex != route->configured_ifindex)) { @@ -759,6 +750,7 @@ format_iproute(const ip_route_t *route, char *buf, size_t buf_len) else op += (size_t)snprintf(op, (size_t)(buf_end - op), " [installed ifindex %" PRIu32 "]", route->configured_ifindex); } +#endif } void @@ -1164,6 +1156,8 @@ alloc_route(list rt_list, const vector_t *strvec, bool allow_track_group) new->scope = RT_SCOPE_UNIVERSE; new->type = RTN_UNICAST; new->family = AF_UNSPEC; + new->oif = NULL; + memset(new->ifname, 0, sizeof(new->ifname)); /* FMT parse */ while (i < vector_size(strvec)) { @@ -1641,13 +1635,13 @@ alloc_route(list rt_list, const vector_t *strvec, bool allow_track_group) * when the interfaces for all of the hops have gone down. We would need to track * all of the interfaces being used, and only mark the route as down if all the * interfaces are down. */ - report_config_error(CONFIG_GENERAL_ERROR, "Warning - cannot track route %s with no interface specified, not tracking", dest); + //report_config_error(CONFIG_GENERAL_ERROR, "Warning - cannot track route %s with no interface specified, not tracking", dest); new->dont_track = true; } } if (new->track_group && !new->oif) { - report_config_error(CONFIG_GENERAL_ERROR, "Static route cannot have track group if no oif specified"); + //report_config_error(CONFIG_GENERAL_ERROR, "Static route cannot have track group if no oif specified"); new->track_group = NULL; } diff --git a/tools/keepalived/keepalived/vrrp/vrrp_parser.c b/tools/keepalived/keepalived/vrrp/vrrp_parser.c index dae6f9817..d5d8c30fd 100644 --- a/tools/keepalived/keepalived/vrrp/vrrp_parser.c +++ b/tools/keepalived/keepalived/vrrp/vrrp_parser.c @@ -1279,13 +1279,13 @@ vrrp_vscript_user_handler(const vector_t *strvec) script_user_set = true; } } -//for dpdk port + static void vrrp_dpdk_int_handler(const vector_t *strvec) { - vrrp_t *vrrp = LIST_TAIL_DATA(vrrp_data->vrrp); - strcpy (vrrp->dpdk_ifp, vector_slot(strvec, 1)); - log_message(LOG_INFO, "find dpdk interface %s !!!", vrrp->dpdk_ifp); + vrrp_t *vrrp = LIST_TAIL_DATA(vrrp_data->vrrp); + strcpy (vrrp->dpdk_ifp, vector_slot(strvec, 1)); + log_message(LOG_INFO, "find dpdk interface -- %s", vrrp->dpdk_ifp); } static void diff --git a/tools/keepalived/lib/utils.c b/tools/keepalived/lib/utils.c index 0fc5dd452..1db60856f 100644 --- a/tools/keepalived/lib/utils.c +++ b/tools/keepalived/lib/utils.c @@ -696,6 +696,8 @@ inet_sockaddrtotrio_r(const struct sockaddr_storage *addr, uint16_t proto, char proto == IPPROTO_TCP ? "tcp" : proto == IPPROTO_UDP ? "udp" : proto == IPPROTO_SCTP ? "sctp" : + proto == IPPROTO_ICMP ? "icmp": + proto == IPPROTO_ICMPV6 ? "icmp6": proto == 0 ? "none" : "?"; inet_sockaddrtos2(addr, addr_str);