@@ -401,6 +401,8 @@ struct ip_vs_conn *ip_vs_ct_in_get(const struct ip_vs_conn_param *p)
struct ip_vs_conn *ip_vs_conn_out_get(const struct ip_vs_conn_param *p)
{
unsigned int hash;
+ __be16 cport;
+ const union nf_inet_addr *caddr;
struct ip_vs_conn *cp, *ret=NULL;
/*
@@ -411,10 +413,17 @@ struct ip_vs_conn *ip_vs_conn_out_get(const struct ip_vs_conn_param *p)
rcu_read_lock();
hlist_for_each_entry_rcu(cp, &ip_vs_conn_tab[hash], c_list) {
- if (p->vport == cp->cport && p->cport == cp->dport &&
+ if (IP_VS_FWD_METHOD(cp) != IP_VS_CONN_F_MASQ){
+ cport = cp->vport;
+ caddr = &cp->vaddr;
+ } else {
+ cport = cp->dport;
+ caddr = &cp->daddr;
+ }
+ if (p->vport == cp->cport && p->cport == cport &&
cp->af == p->af &&
ip_vs_addr_equal(p->af, p->vaddr, &cp->caddr) &&
- ip_vs_addr_equal(p->af, p->caddr, &cp->daddr) &&
+ ip_vs_addr_equal(p->af, p->caddr, caddr) &&
p->protocol == cp->protocol &&
cp->ipvs == p->ipvs) {
if (!__ip_vs_conn_get(cp))
@@ -1413,8 +1413,11 @@ ip_vs_out(struct netns_ipvs *ipvs, unsigned int hooknum, struct sk_buff *skb, in
ipvs, af, skb, &iph);
if (likely(cp)) {
- if (IP_VS_FWD_METHOD(cp) != IP_VS_CONN_F_MASQ)
+ if (IP_VS_FWD_METHOD(cp) != IP_VS_CONN_F_MASQ){
+ ip_vs_out_stats(cp, skb);
+ skb->ipvs_property = 1;
goto ignore_cp;
+ }
return handle_response(af, skb, pd, cp, &iph, hooknum);
}
It's ipvs's duty to do traffic statistic if packets get hit, no matter what mode it is. Signed-off-by: longguang.yue <bigclouds@163.com> --- net/netfilter/ipvs/ip_vs_conn.c | 13 +++++++++++-- net/netfilter/ipvs/ip_vs_core.c | 5 ++++- 2 files changed, 15 insertions(+), 3 deletions(-)