1 #include <linux/kernel.h>
3 #include <linux/sctp.h>
5 #include <net/ip6_checksum.h>
6 #include <linux/netfilter.h>
7 #include <linux/netfilter_ipv4.h>
8 #include <net/sctp/checksum.h>
12 sctp_conn_schedule(int af
, struct sk_buff
*skb
, struct ip_vs_proto_data
*pd
,
13 int *verdict
, struct ip_vs_conn
**cpp
,
14 struct ip_vs_iphdr
*iph
)
17 struct ip_vs_service
*svc
;
18 sctp_chunkhdr_t _schunkh
, *sch
;
19 sctp_sctphdr_t
*sh
, _sctph
;
21 sh
= skb_header_pointer(skb
, iph
->len
, sizeof(_sctph
), &_sctph
);
25 sch
= skb_header_pointer(skb
, iph
->len
+ sizeof(sctp_sctphdr_t
),
26 sizeof(_schunkh
), &_schunkh
);
31 if ((sch
->type
== SCTP_CID_INIT
) &&
32 (svc
= ip_vs_service_find(net
, af
, skb
->mark
, iph
->protocol
,
33 &iph
->daddr
, sh
->dest
))) {
36 if (ip_vs_todrop(net_ipvs(net
))) {
38 * It seems that we are very loaded.
39 * We have to drop this packet :(
46 * Let the virtual server select a real server for the
47 * incoming connection, and create a connection entry.
49 *cpp
= ip_vs_schedule(svc
, skb
, pd
, &ignored
, iph
);
50 if (!*cpp
&& ignored
<= 0) {
52 *verdict
= ip_vs_leave(svc
, skb
, pd
, iph
);
64 static void sctp_nat_csum(struct sk_buff
*skb
, sctp_sctphdr_t
*sctph
,
65 unsigned int sctphoff
)
70 crc32
= sctp_start_cksum((__u8
*)sctph
, skb_headlen(skb
) - sctphoff
);
71 skb_walk_frags(skb
, iter
)
72 crc32
= sctp_update_cksum((u8
*) iter
->data
,
73 skb_headlen(iter
), crc32
);
74 sctph
->checksum
= sctp_end_cksum(crc32
);
76 skb
->ip_summed
= CHECKSUM_UNNECESSARY
;
80 sctp_snat_handler(struct sk_buff
*skb
, struct ip_vs_protocol
*pp
,
81 struct ip_vs_conn
*cp
, struct ip_vs_iphdr
*iph
)
83 sctp_sctphdr_t
*sctph
;
84 unsigned int sctphoff
= iph
->len
;
86 #ifdef CONFIG_IP_VS_IPV6
87 if (cp
->af
== AF_INET6
&& iph
->fragoffs
)
91 /* csum_check requires unshared skb */
92 if (!skb_make_writable(skb
, sctphoff
+ sizeof(*sctph
)))
95 if (unlikely(cp
->app
!= NULL
)) {
96 /* Some checks before mangling */
97 if (pp
->csum_check
&& !pp
->csum_check(cp
->af
, skb
, pp
))
100 /* Call application helper if needed */
101 if (!ip_vs_app_pkt_out(cp
, skb
))
105 sctph
= (void *) skb_network_header(skb
) + sctphoff
;
106 sctph
->source
= cp
->vport
;
108 sctp_nat_csum(skb
, sctph
, sctphoff
);
114 sctp_dnat_handler(struct sk_buff
*skb
, struct ip_vs_protocol
*pp
,
115 struct ip_vs_conn
*cp
, struct ip_vs_iphdr
*iph
)
117 sctp_sctphdr_t
*sctph
;
118 unsigned int sctphoff
= iph
->len
;
120 #ifdef CONFIG_IP_VS_IPV6
121 if (cp
->af
== AF_INET6
&& iph
->fragoffs
)
125 /* csum_check requires unshared skb */
126 if (!skb_make_writable(skb
, sctphoff
+ sizeof(*sctph
)))
129 if (unlikely(cp
->app
!= NULL
)) {
130 /* Some checks before mangling */
131 if (pp
->csum_check
&& !pp
->csum_check(cp
->af
, skb
, pp
))
134 /* Call application helper if needed */
135 if (!ip_vs_app_pkt_in(cp
, skb
))
139 sctph
= (void *) skb_network_header(skb
) + sctphoff
;
140 sctph
->dest
= cp
->dport
;
142 sctp_nat_csum(skb
, sctph
, sctphoff
);
148 sctp_csum_check(int af
, struct sk_buff
*skb
, struct ip_vs_protocol
*pp
)
150 unsigned int sctphoff
;
151 struct sctphdr
*sh
, _sctph
;
152 struct sk_buff
*iter
;
157 #ifdef CONFIG_IP_VS_IPV6
159 sctphoff
= sizeof(struct ipv6hdr
);
162 sctphoff
= ip_hdrlen(skb
);
164 sh
= skb_header_pointer(skb
, sctphoff
, sizeof(_sctph
), &_sctph
);
170 tmp
= sctp_start_cksum((__u8
*) sh
, skb_headlen(skb
));
171 skb_walk_frags(skb
, iter
)
172 tmp
= sctp_update_cksum((__u8
*) iter
->data
,
173 skb_headlen(iter
), tmp
);
175 val
= sctp_end_cksum(tmp
);
178 /* CRC failure, dump it. */
179 IP_VS_DBG_RL_PKT(0, af
, pp
, skb
, 0,
180 "Failed checksum for");
186 struct ipvs_sctp_nextstate
{
189 enum ipvs_sctp_event_t
{
190 IP_VS_SCTP_EVE_DATA_CLI
,
191 IP_VS_SCTP_EVE_DATA_SER
,
192 IP_VS_SCTP_EVE_INIT_CLI
,
193 IP_VS_SCTP_EVE_INIT_SER
,
194 IP_VS_SCTP_EVE_INIT_ACK_CLI
,
195 IP_VS_SCTP_EVE_INIT_ACK_SER
,
196 IP_VS_SCTP_EVE_COOKIE_ECHO_CLI
,
197 IP_VS_SCTP_EVE_COOKIE_ECHO_SER
,
198 IP_VS_SCTP_EVE_COOKIE_ACK_CLI
,
199 IP_VS_SCTP_EVE_COOKIE_ACK_SER
,
200 IP_VS_SCTP_EVE_ABORT_CLI
,
201 IP_VS_SCTP_EVE__ABORT_SER
,
202 IP_VS_SCTP_EVE_SHUT_CLI
,
203 IP_VS_SCTP_EVE_SHUT_SER
,
204 IP_VS_SCTP_EVE_SHUT_ACK_CLI
,
205 IP_VS_SCTP_EVE_SHUT_ACK_SER
,
206 IP_VS_SCTP_EVE_SHUT_COM_CLI
,
207 IP_VS_SCTP_EVE_SHUT_COM_SER
,
211 static enum ipvs_sctp_event_t sctp_events
[255] = {
212 IP_VS_SCTP_EVE_DATA_CLI
,
213 IP_VS_SCTP_EVE_INIT_CLI
,
214 IP_VS_SCTP_EVE_INIT_ACK_CLI
,
215 IP_VS_SCTP_EVE_DATA_CLI
,
216 IP_VS_SCTP_EVE_DATA_CLI
,
217 IP_VS_SCTP_EVE_DATA_CLI
,
218 IP_VS_SCTP_EVE_ABORT_CLI
,
219 IP_VS_SCTP_EVE_SHUT_CLI
,
220 IP_VS_SCTP_EVE_SHUT_ACK_CLI
,
221 IP_VS_SCTP_EVE_DATA_CLI
,
222 IP_VS_SCTP_EVE_COOKIE_ECHO_CLI
,
223 IP_VS_SCTP_EVE_COOKIE_ACK_CLI
,
224 IP_VS_SCTP_EVE_DATA_CLI
,
225 IP_VS_SCTP_EVE_DATA_CLI
,
226 IP_VS_SCTP_EVE_SHUT_COM_CLI
,
229 static struct ipvs_sctp_nextstate
230 sctp_states_table
[IP_VS_SCTP_S_LAST
][IP_VS_SCTP_EVE_LAST
] = {
232 * STATE : IP_VS_SCTP_S_NONE
234 /*next state *//*event */
235 {{IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_CLI */ },
236 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_SER */ },
237 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_INIT_CLI */ },
238 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_INIT_SER */ },
239 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
240 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
241 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
242 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
243 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
244 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
245 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_CLI */ },
246 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_SER */ },
247 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_CLI */ },
248 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_SER */ },
249 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
250 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
251 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
252 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_SER */ },
255 * STATE : IP_VS_SCTP_S_INIT_CLI
256 * Cient sent INIT and is waiting for reply from server(In ECHO_WAIT)
258 {{IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_CLI */ },
259 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_SER */ },
260 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_INIT_CLI */ },
261 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_INIT_SER */ },
262 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
263 {IP_VS_SCTP_S_INIT_ACK_SER
/* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
264 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ECHO_CLI */ },
265 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_ECHO_SER */ },
266 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
267 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
268 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_CLI */ },
269 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_SER */ },
270 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_CLI */ },
271 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_SER */ },
272 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
273 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
274 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
275 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
278 * State : IP_VS_SCTP_S_INIT_SER
279 * Server sent INIT and waiting for INIT ACK from the client
281 {{IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_CLI */ },
282 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_SER */ },
283 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_INIT_CLI */ },
284 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_INIT_SER */ },
285 {IP_VS_SCTP_S_INIT_ACK_CLI
/* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
286 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
287 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
288 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
289 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
290 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
291 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_CLI */ },
292 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_SER */ },
293 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_CLI */ },
294 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_SER */ },
295 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
296 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
297 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
298 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
301 * State : IP_VS_SCTP_S_INIT_ACK_CLI
302 * Client sent INIT ACK and waiting for ECHO from the server
304 {{IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_CLI */ },
305 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_SER */ },
307 * We have got an INIT from client. From the spec.“Upon receipt of
308 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
309 * an INIT ACK using the same parameters it sent in its original
310 * INIT chunk (including its Initiate Tag, unchanged”).
312 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_INIT_CLI */ },
313 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_INIT_SER */ },
315 * INIT_ACK has been resent by the client, let us stay is in
318 {IP_VS_SCTP_S_INIT_ACK_CLI
/* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
320 * INIT_ACK sent by the server, close the connection
322 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
324 * ECHO by client, it should not happen, close the connection
326 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
328 * ECHO by server, this is what we are expecting, move to ECHO_SER
330 {IP_VS_SCTP_S_ECHO_SER
/* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
332 * COOKIE ACK from client, it should not happen, close the connection
334 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
336 * Unexpected COOKIE ACK from server, staty in the same state
338 {IP_VS_SCTP_S_INIT_ACK_CLI
/* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
339 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_CLI */ },
340 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_SER */ },
341 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_CLI */ },
342 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_SER */ },
343 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
344 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
345 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
346 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
349 * State : IP_VS_SCTP_S_INIT_ACK_SER
350 * Server sent INIT ACK and waiting for ECHO from the client
352 {{IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_CLI */ },
353 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_SER */ },
355 * We have got an INIT from client. From the spec.“Upon receipt of
356 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
357 * an INIT ACK using the same parameters it sent in its original
358 * INIT chunk (including its Initiate Tag, unchanged”).
360 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_INIT_CLI */ },
361 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_INIT_SER */ },
363 * Unexpected INIT_ACK by the client, let us close the connection
365 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
367 * INIT_ACK resent by the server, let us move to same state
369 {IP_VS_SCTP_S_INIT_ACK_SER
/* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
371 * Client send the ECHO, this is what we are expecting,
374 {IP_VS_SCTP_S_ECHO_CLI
/* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
376 * ECHO received from the server, Not sure what to do,
379 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
381 * COOKIE ACK from client, let us stay in the same state
383 {IP_VS_SCTP_S_INIT_ACK_SER
/* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
385 * COOKIE ACK from server, hmm... this should not happen, lets close
388 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
389 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_CLI */ },
390 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_SER */ },
391 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_CLI */ },
392 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_SER */ },
393 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
394 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
395 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
396 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
399 * State : IP_VS_SCTP_S_ECHO_CLI
400 * Cient sent ECHO and waiting COOKEI ACK from the Server
402 {{IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_CLI */ },
403 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_SER */ },
405 * We have got an INIT from client. From the spec.“Upon receipt of
406 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
407 * an INIT ACK using the same parameters it sent in its original
408 * INIT chunk (including its Initiate Tag, unchanged”).
410 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_INIT_CLI */ },
411 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_INIT_SER */ },
413 * INIT_ACK has been by the client, let us close the connection
415 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
417 * INIT_ACK sent by the server, Unexpected INIT ACK, spec says,
418 * “If an INIT ACK is received by an endpoint in any state other
419 * than the COOKIE-WAIT state, the endpoint should discard the
420 * INIT ACK chunk”. Stay in the same state
422 {IP_VS_SCTP_S_ECHO_CLI
/* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
424 * Client resent the ECHO, let us stay in the same state
426 {IP_VS_SCTP_S_ECHO_CLI
/* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
428 * ECHO received from the server, Not sure what to do,
431 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
433 * COOKIE ACK from client, this shoud not happen, let's close the
436 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
438 * COOKIE ACK from server, this is what we are awaiting,lets move to
441 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
442 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_CLI */ },
443 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_SER */ },
444 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_CLI */ },
445 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_SER */ },
446 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
447 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
448 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
449 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
452 * State : IP_VS_SCTP_S_ECHO_SER
453 * Server sent ECHO and waiting COOKEI ACK from the client
455 {{IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_CLI */ },
456 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_SER */ },
458 * We have got an INIT from client. From the spec.“Upon receipt of
459 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
460 * an INIT ACK using the same parameters it sent in its original
461 * INIT chunk (including its Initiate Tag, unchanged”).
463 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_INIT_CLI */ },
464 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_INIT_SER */ },
466 * INIT_ACK sent by the server, Unexpected INIT ACK, spec says,
467 * “If an INIT ACK is received by an endpoint in any state other
468 * than the COOKIE-WAIT state, the endpoint should discard the
469 * INIT ACK chunk”. Stay in the same state
471 {IP_VS_SCTP_S_ECHO_SER
/* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
473 * INIT_ACK has been by the server, let us close the connection
475 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
477 * Client sent the ECHO, not sure what to do, let's close the
480 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
482 * ECHO resent by the server, stay in the same state
484 {IP_VS_SCTP_S_ECHO_SER
/* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
486 * COOKIE ACK from client, this is what we are expecting, let's move
489 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
491 * COOKIE ACK from server, this should not happen, lets close the
494 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
495 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_CLI */ },
496 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_SER */ },
497 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_CLI */ },
498 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_SER */ },
499 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
500 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
501 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
502 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
505 * State : IP_VS_SCTP_S_ESTABLISHED
506 * Association established
508 {{IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_DATA_CLI */ },
509 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_DATA_SER */ },
511 * We have got an INIT from client. From the spec.“Upon receipt of
512 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
513 * an INIT ACK using the same parameters it sent in its original
514 * INIT chunk (including its Initiate Tag, unchanged”).
516 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_INIT_CLI */ },
517 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_INIT_SER */ },
519 * INIT_ACK sent by the server, Unexpected INIT ACK, spec says,
520 * “If an INIT ACK is received by an endpoint in any state other
521 * than the COOKIE-WAIT state, the endpoint should discard the
522 * INIT ACK chunk”. Stay in the same state
524 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
525 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
527 * Client sent ECHO, Spec(sec 5.2.4) says it may be handled by the
528 * peer and peer shall move to the ESTABISHED. if it doesn't handle
529 * it will send ERROR chunk. So, stay in the same state
531 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
532 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
534 * COOKIE ACK from client, not sure what to do stay in the same state
536 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
537 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
538 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_CLI */ },
539 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_SER */ },
541 * SHUTDOWN from the client, move to SHUDDOWN_CLI
543 {IP_VS_SCTP_S_SHUT_CLI
/* IP_VS_SCTP_EVE_SHUT_CLI */ },
545 * SHUTDOWN from the server, move to SHUTDOWN_SER
547 {IP_VS_SCTP_S_SHUT_SER
/* IP_VS_SCTP_EVE_SHUT_SER */ },
549 * client sent SHUDTDOWN_ACK, this should not happen, let's close
552 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
553 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
554 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
555 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
558 * State : IP_VS_SCTP_S_SHUT_CLI
559 * SHUTDOWN sent from the client, waitinf for SHUT ACK from the server
562 * We received the data chuck, keep the state unchanged. I assume
563 * that still data chuncks can be received by both the peers in
567 {{IP_VS_SCTP_S_SHUT_CLI
/* IP_VS_SCTP_EVE_DATA_CLI */ },
568 {IP_VS_SCTP_S_SHUT_CLI
/* IP_VS_SCTP_EVE_DATA_SER */ },
570 * We have got an INIT from client. From the spec.“Upon receipt of
571 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
572 * an INIT ACK using the same parameters it sent in its original
573 * INIT chunk (including its Initiate Tag, unchanged”).
575 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_INIT_CLI */ },
576 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_INIT_SER */ },
578 * INIT_ACK sent by the server, Unexpected INIT ACK, spec says,
579 * “If an INIT ACK is received by an endpoint in any state other
580 * than the COOKIE-WAIT state, the endpoint should discard the
581 * INIT ACK chunk”. Stay in the same state
583 {IP_VS_SCTP_S_SHUT_CLI
/* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
584 {IP_VS_SCTP_S_SHUT_CLI
/* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
586 * Client sent ECHO, Spec(sec 5.2.4) says it may be handled by the
587 * peer and peer shall move to the ESTABISHED. if it doesn't handle
588 * it will send ERROR chunk. So, stay in the same state
590 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
591 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
593 * COOKIE ACK from client, not sure what to do stay in the same state
595 {IP_VS_SCTP_S_SHUT_CLI
/* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
596 {IP_VS_SCTP_S_SHUT_CLI
/* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
597 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_CLI */ },
598 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_SER */ },
600 * SHUTDOWN resent from the client, move to SHUDDOWN_CLI
602 {IP_VS_SCTP_S_SHUT_CLI
/* IP_VS_SCTP_EVE_SHUT_CLI */ },
604 * SHUTDOWN from the server, move to SHUTDOWN_SER
606 {IP_VS_SCTP_S_SHUT_SER
/* IP_VS_SCTP_EVE_SHUT_SER */ },
608 * client sent SHUDTDOWN_ACK, this should not happen, let's close
611 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
613 * Server sent SHUTDOWN ACK, this is what we are expecting, let's move
616 {IP_VS_SCTP_S_SHUT_ACK_SER
/* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
618 * SHUTDOWN COM from client, this should not happen, let's close the
621 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
622 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
625 * State : IP_VS_SCTP_S_SHUT_SER
626 * SHUTDOWN sent from the server, waitinf for SHUTDOWN ACK from client
629 * We received the data chuck, keep the state unchanged. I assume
630 * that still data chuncks can be received by both the peers in
634 {{IP_VS_SCTP_S_SHUT_SER
/* IP_VS_SCTP_EVE_DATA_CLI */ },
635 {IP_VS_SCTP_S_SHUT_SER
/* IP_VS_SCTP_EVE_DATA_SER */ },
637 * We have got an INIT from client. From the spec.“Upon receipt of
638 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
639 * an INIT ACK using the same parameters it sent in its original
640 * INIT chunk (including its Initiate Tag, unchanged”).
642 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_INIT_CLI */ },
643 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_INIT_SER */ },
645 * INIT_ACK sent by the server, Unexpected INIT ACK, spec says,
646 * “If an INIT ACK is received by an endpoint in any state other
647 * than the COOKIE-WAIT state, the endpoint should discard the
648 * INIT ACK chunk”. Stay in the same state
650 {IP_VS_SCTP_S_SHUT_SER
/* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
651 {IP_VS_SCTP_S_SHUT_SER
/* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
653 * Client sent ECHO, Spec(sec 5.2.4) says it may be handled by the
654 * peer and peer shall move to the ESTABISHED. if it doesn't handle
655 * it will send ERROR chunk. So, stay in the same state
657 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
658 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
660 * COOKIE ACK from client, not sure what to do stay in the same state
662 {IP_VS_SCTP_S_SHUT_SER
/* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
663 {IP_VS_SCTP_S_SHUT_SER
/* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
664 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_CLI */ },
665 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_SER */ },
667 * SHUTDOWN resent from the client, move to SHUDDOWN_CLI
669 {IP_VS_SCTP_S_SHUT_CLI
/* IP_VS_SCTP_EVE_SHUT_CLI */ },
671 * SHUTDOWN resent from the server, move to SHUTDOWN_SER
673 {IP_VS_SCTP_S_SHUT_SER
/* IP_VS_SCTP_EVE_SHUT_SER */ },
675 * client sent SHUDTDOWN_ACK, this is what we are expecting, let's
676 * move to SHUT_ACK_CLI
678 {IP_VS_SCTP_S_SHUT_ACK_CLI
/* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
680 * Server sent SHUTDOWN ACK, this should not happen, let's close the
683 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
685 * SHUTDOWN COM from client, this should not happen, let's close the
688 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
689 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
693 * State : IP_VS_SCTP_S_SHUT_ACK_CLI
694 * SHUTDOWN ACK from the client, awaiting for SHUTDOWN COM from server
697 * We received the data chuck, keep the state unchanged. I assume
698 * that still data chuncks can be received by both the peers in
702 {{IP_VS_SCTP_S_SHUT_ACK_CLI
/* IP_VS_SCTP_EVE_DATA_CLI */ },
703 {IP_VS_SCTP_S_SHUT_ACK_CLI
/* IP_VS_SCTP_EVE_DATA_SER */ },
705 * We have got an INIT from client. From the spec.“Upon receipt of
706 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
707 * an INIT ACK using the same parameters it sent in its original
708 * INIT chunk (including its Initiate Tag, unchanged”).
710 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_INIT_CLI */ },
711 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_INIT_SER */ },
713 * INIT_ACK sent by the server, Unexpected INIT ACK, spec says,
714 * “If an INIT ACK is received by an endpoint in any state other
715 * than the COOKIE-WAIT state, the endpoint should discard the
716 * INIT ACK chunk”. Stay in the same state
718 {IP_VS_SCTP_S_SHUT_ACK_CLI
/* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
719 {IP_VS_SCTP_S_SHUT_ACK_CLI
/* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
721 * Client sent ECHO, Spec(sec 5.2.4) says it may be handled by the
722 * peer and peer shall move to the ESTABISHED. if it doesn't handle
723 * it will send ERROR chunk. So, stay in the same state
725 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
726 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
728 * COOKIE ACK from client, not sure what to do stay in the same state
730 {IP_VS_SCTP_S_SHUT_ACK_CLI
/* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
731 {IP_VS_SCTP_S_SHUT_ACK_CLI
/* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
732 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_CLI */ },
733 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_SER */ },
735 * SHUTDOWN sent from the client, move to SHUDDOWN_CLI
737 {IP_VS_SCTP_S_SHUT_CLI
/* IP_VS_SCTP_EVE_SHUT_CLI */ },
739 * SHUTDOWN sent from the server, move to SHUTDOWN_SER
741 {IP_VS_SCTP_S_SHUT_SER
/* IP_VS_SCTP_EVE_SHUT_SER */ },
743 * client resent SHUDTDOWN_ACK, let's stay in the same state
745 {IP_VS_SCTP_S_SHUT_ACK_CLI
/* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
747 * Server sent SHUTDOWN ACK, this should not happen, let's close the
750 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
752 * SHUTDOWN COM from client, this should not happen, let's close the
755 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
757 * SHUTDOWN COMPLETE from server this is what we are expecting.
759 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
763 * State : IP_VS_SCTP_S_SHUT_ACK_SER
764 * SHUTDOWN ACK from the server, awaiting for SHUTDOWN COM from client
767 * We received the data chuck, keep the state unchanged. I assume
768 * that still data chuncks can be received by both the peers in
772 {{IP_VS_SCTP_S_SHUT_ACK_SER
/* IP_VS_SCTP_EVE_DATA_CLI */ },
773 {IP_VS_SCTP_S_SHUT_ACK_SER
/* IP_VS_SCTP_EVE_DATA_SER */ },
775 * We have got an INIT from client. From the spec.“Upon receipt of
776 * an INIT in the COOKIE-WAIT state, an endpoint MUST respond with
777 * an INIT ACK using the same parameters it sent in its original
778 * INIT chunk (including its Initiate Tag, unchanged”).
780 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_INIT_CLI */ },
781 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_INIT_SER */ },
783 * INIT_ACK sent by the server, Unexpected INIT ACK, spec says,
784 * “If an INIT ACK is received by an endpoint in any state other
785 * than the COOKIE-WAIT state, the endpoint should discard the
786 * INIT ACK chunk”. Stay in the same state
788 {IP_VS_SCTP_S_SHUT_ACK_SER
/* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
789 {IP_VS_SCTP_S_SHUT_ACK_SER
/* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
791 * Client sent ECHO, Spec(sec 5.2.4) says it may be handled by the
792 * peer and peer shall move to the ESTABISHED. if it doesn't handle
793 * it will send ERROR chunk. So, stay in the same state
795 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
796 {IP_VS_SCTP_S_ESTABLISHED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
798 * COOKIE ACK from client, not sure what to do stay in the same state
800 {IP_VS_SCTP_S_SHUT_ACK_SER
/* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
801 {IP_VS_SCTP_S_SHUT_ACK_SER
/* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
802 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_CLI */ },
803 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_SER */ },
805 * SHUTDOWN sent from the client, move to SHUDDOWN_CLI
807 {IP_VS_SCTP_S_SHUT_CLI
/* IP_VS_SCTP_EVE_SHUT_CLI */ },
809 * SHUTDOWN sent from the server, move to SHUTDOWN_SER
811 {IP_VS_SCTP_S_SHUT_SER
/* IP_VS_SCTP_EVE_SHUT_SER */ },
813 * client sent SHUDTDOWN_ACK, this should not happen let's close
816 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
818 * Server resent SHUTDOWN ACK, stay in the same state
820 {IP_VS_SCTP_S_SHUT_ACK_SER
/* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
822 * SHUTDOWN COM from client, this what we are expecting, let's close
825 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
827 * SHUTDOWN COMPLETE from server this should not happen.
829 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
832 * State : IP_VS_SCTP_S_CLOSED
834 {{IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_CLI */ },
835 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_DATA_SER */ },
836 {IP_VS_SCTP_S_INIT_CLI
/* IP_VS_SCTP_EVE_INIT_CLI */ },
837 {IP_VS_SCTP_S_INIT_SER
/* IP_VS_SCTP_EVE_INIT_SER */ },
838 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_INIT_ACK_CLI */ },
839 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_INIT_ACK_SER */ },
840 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_CLI */ },
841 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ECHO_SER */ },
842 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ACK_CLI */ },
843 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_COOKIE_ACK_SER */ },
844 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_CLI */ },
845 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_ABORT_SER */ },
846 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_CLI */ },
847 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_SER */ },
848 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_CLI */ },
849 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_ACK_SER */ },
850 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_CLI */ },
851 {IP_VS_SCTP_S_CLOSED
/* IP_VS_SCTP_EVE_SHUT_COM_SER */ }
856 * Timeout table[state]
858 static const int sctp_timeouts
[IP_VS_SCTP_S_LAST
+ 1] = {
859 [IP_VS_SCTP_S_NONE
] = 2 * HZ
,
860 [IP_VS_SCTP_S_INIT_CLI
] = 1 * 60 * HZ
,
861 [IP_VS_SCTP_S_INIT_SER
] = 1 * 60 * HZ
,
862 [IP_VS_SCTP_S_INIT_ACK_CLI
] = 1 * 60 * HZ
,
863 [IP_VS_SCTP_S_INIT_ACK_SER
] = 1 * 60 * HZ
,
864 [IP_VS_SCTP_S_ECHO_CLI
] = 1 * 60 * HZ
,
865 [IP_VS_SCTP_S_ECHO_SER
] = 1 * 60 * HZ
,
866 [IP_VS_SCTP_S_ESTABLISHED
] = 15 * 60 * HZ
,
867 [IP_VS_SCTP_S_SHUT_CLI
] = 1 * 60 * HZ
,
868 [IP_VS_SCTP_S_SHUT_SER
] = 1 * 60 * HZ
,
869 [IP_VS_SCTP_S_SHUT_ACK_CLI
] = 1 * 60 * HZ
,
870 [IP_VS_SCTP_S_SHUT_ACK_SER
] = 1 * 60 * HZ
,
871 [IP_VS_SCTP_S_CLOSED
] = 10 * HZ
,
872 [IP_VS_SCTP_S_LAST
] = 2 * HZ
,
875 static const char *sctp_state_name_table
[IP_VS_SCTP_S_LAST
+ 1] = {
876 [IP_VS_SCTP_S_NONE
] = "NONE",
877 [IP_VS_SCTP_S_INIT_CLI
] = "INIT_CLI",
878 [IP_VS_SCTP_S_INIT_SER
] = "INIT_SER",
879 [IP_VS_SCTP_S_INIT_ACK_CLI
] = "INIT_ACK_CLI",
880 [IP_VS_SCTP_S_INIT_ACK_SER
] = "INIT_ACK_SER",
881 [IP_VS_SCTP_S_ECHO_CLI
] = "COOKIE_ECHO_CLI",
882 [IP_VS_SCTP_S_ECHO_SER
] = "COOKIE_ECHO_SER",
883 [IP_VS_SCTP_S_ESTABLISHED
] = "ESTABISHED",
884 [IP_VS_SCTP_S_SHUT_CLI
] = "SHUTDOWN_CLI",
885 [IP_VS_SCTP_S_SHUT_SER
] = "SHUTDOWN_SER",
886 [IP_VS_SCTP_S_SHUT_ACK_CLI
] = "SHUTDOWN_ACK_CLI",
887 [IP_VS_SCTP_S_SHUT_ACK_SER
] = "SHUTDOWN_ACK_SER",
888 [IP_VS_SCTP_S_CLOSED
] = "CLOSED",
889 [IP_VS_SCTP_S_LAST
] = "BUG!"
893 static const char *sctp_state_name(int state
)
895 if (state
>= IP_VS_SCTP_S_LAST
)
897 if (sctp_state_name_table
[state
])
898 return sctp_state_name_table
[state
];
903 set_sctp_state(struct ip_vs_proto_data
*pd
, struct ip_vs_conn
*cp
,
904 int direction
, const struct sk_buff
*skb
)
906 sctp_chunkhdr_t _sctpch
, *sch
;
907 unsigned char chunk_type
;
908 int event
, next_state
;
911 #ifdef CONFIG_IP_VS_IPV6
912 ihl
= cp
->af
== AF_INET
? ip_hdrlen(skb
) : sizeof(struct ipv6hdr
);
914 ihl
= ip_hdrlen(skb
);
917 cofs
= ihl
+ sizeof(sctp_sctphdr_t
);
918 sch
= skb_header_pointer(skb
, cofs
, sizeof(_sctpch
), &_sctpch
);
922 chunk_type
= sch
->type
;
924 * Section 3: Multiple chunks can be bundled into one SCTP packet
925 * up to the MTU size, except for the INIT, INIT ACK, and
926 * SHUTDOWN COMPLETE chunks. These chunks MUST NOT be bundled with
927 * any other chunk in a packet.
929 * Section 3.3.7: DATA chunks MUST NOT be bundled with ABORT. Control
930 * chunks (except for INIT, INIT ACK, and SHUTDOWN COMPLETE) MAY be
931 * bundled with an ABORT, but they MUST be placed before the ABORT
932 * in the SCTP packet or they will be ignored by the receiver.
934 if ((sch
->type
== SCTP_CID_COOKIE_ECHO
) ||
935 (sch
->type
== SCTP_CID_COOKIE_ACK
)) {
936 int clen
= ntohs(sch
->length
);
938 if (clen
>= sizeof(sctp_chunkhdr_t
)) {
939 sch
= skb_header_pointer(skb
, cofs
+ ALIGN(clen
, 4),
940 sizeof(_sctpch
), &_sctpch
);
941 if (sch
&& sch
->type
== SCTP_CID_ABORT
)
942 chunk_type
= sch
->type
;
946 event
= sctp_events
[chunk_type
];
949 * If the direction is IP_VS_DIR_OUTPUT, this event is from server
951 if (direction
== IP_VS_DIR_OUTPUT
)
956 next_state
= sctp_states_table
[cp
->state
][event
].next_state
;
958 if (next_state
!= cp
->state
) {
959 struct ip_vs_dest
*dest
= cp
->dest
;
961 IP_VS_DBG_BUF(8, "%s %s %s:%d->"
962 "%s:%d state: %s->%s conn->refcnt:%d\n",
964 ((direction
== IP_VS_DIR_OUTPUT
) ?
965 "output " : "input "),
966 IP_VS_DBG_ADDR(cp
->af
, &cp
->daddr
),
968 IP_VS_DBG_ADDR(cp
->af
, &cp
->caddr
),
970 sctp_state_name(cp
->state
),
971 sctp_state_name(next_state
),
972 atomic_read(&cp
->refcnt
));
974 if (!(cp
->flags
& IP_VS_CONN_F_INACTIVE
) &&
975 (next_state
!= IP_VS_SCTP_S_ESTABLISHED
)) {
976 atomic_dec(&dest
->activeconns
);
977 atomic_inc(&dest
->inactconns
);
978 cp
->flags
|= IP_VS_CONN_F_INACTIVE
;
979 } else if ((cp
->flags
& IP_VS_CONN_F_INACTIVE
) &&
980 (next_state
== IP_VS_SCTP_S_ESTABLISHED
)) {
981 atomic_inc(&dest
->activeconns
);
982 atomic_dec(&dest
->inactconns
);
983 cp
->flags
&= ~IP_VS_CONN_F_INACTIVE
;
988 cp
->timeout
= pd
->timeout_table
[cp
->state
= next_state
];
989 else /* What to do ? */
990 cp
->timeout
= sctp_timeouts
[cp
->state
= next_state
];
994 sctp_state_transition(struct ip_vs_conn
*cp
, int direction
,
995 const struct sk_buff
*skb
, struct ip_vs_proto_data
*pd
)
997 spin_lock_bh(&cp
->lock
);
998 set_sctp_state(pd
, cp
, direction
, skb
);
999 spin_unlock_bh(&cp
->lock
);
1002 static inline __u16
sctp_app_hashkey(__be16 port
)
1004 return (((__force u16
)port
>> SCTP_APP_TAB_BITS
) ^ (__force u16
)port
)
1005 & SCTP_APP_TAB_MASK
;
1008 static int sctp_register_app(struct net
*net
, struct ip_vs_app
*inc
)
1010 struct ip_vs_app
*i
;
1012 __be16 port
= inc
->port
;
1014 struct netns_ipvs
*ipvs
= net_ipvs(net
);
1015 struct ip_vs_proto_data
*pd
= ip_vs_proto_data_get(net
, IPPROTO_SCTP
);
1017 hash
= sctp_app_hashkey(port
);
1019 list_for_each_entry(i
, &ipvs
->sctp_apps
[hash
], p_list
) {
1020 if (i
->port
== port
) {
1025 list_add_rcu(&inc
->p_list
, &ipvs
->sctp_apps
[hash
]);
1026 atomic_inc(&pd
->appcnt
);
1032 static void sctp_unregister_app(struct net
*net
, struct ip_vs_app
*inc
)
1034 struct ip_vs_proto_data
*pd
= ip_vs_proto_data_get(net
, IPPROTO_SCTP
);
1036 atomic_dec(&pd
->appcnt
);
1037 list_del_rcu(&inc
->p_list
);
1040 static int sctp_app_conn_bind(struct ip_vs_conn
*cp
)
1042 struct netns_ipvs
*ipvs
= net_ipvs(ip_vs_conn_net(cp
));
1044 struct ip_vs_app
*inc
;
1047 /* Default binding: bind app only for NAT */
1048 if (IP_VS_FWD_METHOD(cp
) != IP_VS_CONN_F_MASQ
)
1050 /* Lookup application incarnations and bind the right one */
1051 hash
= sctp_app_hashkey(cp
->vport
);
1054 list_for_each_entry_rcu(inc
, &ipvs
->sctp_apps
[hash
], p_list
) {
1055 if (inc
->port
== cp
->vport
) {
1056 if (unlikely(!ip_vs_app_inc_get(inc
)))
1060 IP_VS_DBG_BUF(9, "%s: Binding conn %s:%u->"
1061 "%s:%u to app %s on port %u\n",
1063 IP_VS_DBG_ADDR(cp
->af
, &cp
->caddr
),
1065 IP_VS_DBG_ADDR(cp
->af
, &cp
->vaddr
),
1067 inc
->name
, ntohs(inc
->port
));
1070 result
= inc
->init_conn(inc
, cp
);
1079 /* ---------------------------------------------
1080 * timeouts is netns related now.
1081 * ---------------------------------------------
1083 static int __ip_vs_sctp_init(struct net
*net
, struct ip_vs_proto_data
*pd
)
1085 struct netns_ipvs
*ipvs
= net_ipvs(net
);
1087 ip_vs_init_hash_table(ipvs
->sctp_apps
, SCTP_APP_TAB_SIZE
);
1088 pd
->timeout_table
= ip_vs_create_timeout_table((int *)sctp_timeouts
,
1089 sizeof(sctp_timeouts
));
1090 if (!pd
->timeout_table
)
1095 static void __ip_vs_sctp_exit(struct net
*net
, struct ip_vs_proto_data
*pd
)
1097 kfree(pd
->timeout_table
);
1100 struct ip_vs_protocol ip_vs_protocol_sctp
= {
1102 .protocol
= IPPROTO_SCTP
,
1103 .num_states
= IP_VS_SCTP_S_LAST
,
1107 .init_netns
= __ip_vs_sctp_init
,
1108 .exit_netns
= __ip_vs_sctp_exit
,
1109 .register_app
= sctp_register_app
,
1110 .unregister_app
= sctp_unregister_app
,
1111 .conn_schedule
= sctp_conn_schedule
,
1112 .conn_in_get
= ip_vs_conn_in_get_proto
,
1113 .conn_out_get
= ip_vs_conn_out_get_proto
,
1114 .snat_handler
= sctp_snat_handler
,
1115 .dnat_handler
= sctp_dnat_handler
,
1116 .csum_check
= sctp_csum_check
,
1117 .state_name
= sctp_state_name
,
1118 .state_transition
= sctp_state_transition
,
1119 .app_conn_bind
= sctp_app_conn_bind
,
1120 .debug_packet
= ip_vs_tcpudp_debug_packet
,
1121 .timeout_change
= NULL
,