Pandora Sourcecodes - pandora-kernel.git/commit

author	Julian Anastasov <ja@ssi.bg>
	Sun, 5 Sep 2010 18:02:29 +0000 (18:02 +0000)
committer	David S. Miller <davem@davemloft.net>
	Wed, 8 Sep 2010 17:39:57 +0000 (10:39 -0700)
commit	6523ce1525e88c598c75a1a6b8c4edddfa9defe8
tree	c3439e9c509676a0c29cd81fdaa65ad2632b903c	tree \| snapshot
parent	64289c8e6851bca0e589e064c9a5c9fbd6ae5dd4	commit \| diff

ipvs: fix active FTP

- Do not create expectation when forwarding the PORT
  command to avoid blocking the connection. The problem is that
  nf_conntrack_ftp.c:help() tries to create the same expectation later in
  POST_ROUTING and drops the packet with "dropping packet" message after
  failure in nf_ct_expect_related.

- Change ip_vs_update_conntrack to alter the conntrack
  for related connections from real server. If we do not alter the reply in
  this direction the next packet from client sent to vport 20 comes as NEW
  connection. We alter it but may be some collision happens for both
  conntracks and the second conntrack gets destroyed immediately. The
  connection stucks too.

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/net/ip_vs.h		diff \| blob \| history
net/netfilter/ipvs/ip_vs_core.c		diff \| blob \| history
net/netfilter/ipvs/ip_vs_ftp.c		diff \| blob \| history
net/netfilter/ipvs/ip_vs_xmit.c		diff \| blob \| history