diff options
| author | Julian Anastasov <ja@ssi.bg> | 2010-09-21 15:38:57 (GMT) |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2010-09-21 15:38:57 (GMT) |
| commit | 8a8030407f55a6aaedb51167c1a2383311fcd707 (patch) | |
| tree | 585f2963a56e528a06f0f3180985faa8a368d3b8 /net/netfilter/ipvs/ip_vs_ctl.c | |
| parent | f4bc17cdd205ebaa3807c2aa973719bb5ce6a5b2 (diff) | |
| download | linux-fsl-qoriq-8a8030407f55a6aaedb51167c1a2383311fcd707.tar.xz | |
ipvs: make rerouting optional with snat_reroute
Add new sysctl flag "snat_reroute". Recent kernels use
ip_route_me_harder() to route LVS-NAT responses properly by
VIP when there are multiple paths to client. But setups
that do not have alternative default routes can skip this
routing lookup by using snat_reroute=0.
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/netfilter/ipvs/ip_vs_ctl.c')
| -rw-r--r-- | net/netfilter/ipvs/ip_vs_ctl.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index d2d842f..e637cd0 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c @@ -91,6 +91,7 @@ int sysctl_ip_vs_nat_icmp_send = 0; #ifdef CONFIG_IP_VS_NFCT int sysctl_ip_vs_conntrack; #endif +int sysctl_ip_vs_snat_reroute = 1; #ifdef CONFIG_IP_VS_DEBUG @@ -1599,6 +1600,13 @@ static struct ctl_table vs_vars[] = { .mode = 0644, .proc_handler = proc_do_defense_mode, }, + { + .procname = "snat_reroute", + .data = &sysctl_ip_vs_snat_reroute, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = &proc_dointvec, + }, #if 0 { .procname = "timeout_established", |