diff options
| author | slioch <slioch@eng-140.vyatta.com> | 2009-06-16 11:42:52 -0700 |
|---|---|---|
| committer | slioch <slioch@eng-140.vyatta.com> | 2009-06-16 11:44:51 -0700 |
| commit | d87805e89c31611ecf4ec7d7148d066a5eb99185 (patch) | |
| tree | 1324e874d6f3df3089c0c91f42d7e1e9171562a5 /src/lbdecision.cc | |
| parent | 8df8f875d33bccdf5cd4a56cee7bef13f7fac7f9 (diff) | |
| download | vyatta-wanloadbalance-d87805e89c31611ecf4ec7d7148d066a5eb99185.tar.gz vyatta-wanloadbalance-d87805e89c31611ecf4ec7d7148d066a5eb99185.zip | |
fixed output mangle rule creation. need to suppress inbound interface on rule creation for output rule entry as these are locally sourced packets.
Diffstat (limited to 'src/lbdecision.cc')
| -rw-r--r-- | src/lbdecision.cc | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/src/lbdecision.cc b/src/lbdecision.cc index 56c772d..7b76f7b 100644 --- a/src/lbdecision.cc +++ b/src/lbdecision.cc @@ -248,10 +248,11 @@ LBDecision::run(LBData &lb_data) while (iter != lb_data._lb_rule_coll.end()) { //NEED TO HANDLE APPLICATION SPECIFIC DETAILS string app_cmd = get_application_cmd(iter->second); + string app_cmd_local = get_application_cmd(iter->second,true); if (iter->second._exclude == true) { execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -j ACCEPT", stdout); - execute(string("iptables -t mangle -A OUTPUT ") + app_cmd + " -j ACCEPT", stdout); + execute(string("iptables -t mangle -A OUTPUT ") + app_cmd_local + " -j ACCEPT", stdout); } else { map<int,float> weights = get_new_weights(lb_data,iter->second); @@ -267,24 +268,24 @@ LBDecision::run(LBData &lb_data) sprintf(dbuf,"%d",w_iter->first); if (lb_data._enable_source_based_routing) { execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -m statistic --mode random --probability " + fbuf + " -j ISP_" + dbuf, stdout); - execute(string("iptables -t mangle -A OUTPUT ") + app_cmd + " -m statistic --mode random --probability " + fbuf + " -j ISP_" + dbuf, stdout); + execute(string("iptables -t mangle -A OUTPUT ") + app_cmd_local + " -m statistic --mode random --probability " + fbuf + " -j ISP_" + dbuf, stdout); } else { execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -m state --state NEW -m statistic --mode random --probability " + fbuf + " -j ISP_" + dbuf, stdout); - execute(string("iptables -t mangle -A OUTPUT ") + app_cmd + " -m state --state NEW -m statistic --mode random --probability " + fbuf + " -j ISP_" + dbuf, stdout); + execute(string("iptables -t mangle -A OUTPUT ") + app_cmd_local + " -m state --state NEW -m statistic --mode random --probability " + fbuf + " -j ISP_" + dbuf, stdout); } } sprintf(dbuf,"%d",(--weights.end())->first); if (lb_data._enable_source_based_routing) { execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -j ISP_" + dbuf, stdout); - execute(string("iptables -t mangle -A OUTPUT ") + app_cmd + " -j ISP_" + dbuf, stdout); + execute(string("iptables -t mangle -A OUTPUT ") + app_cmd_local + " -j ISP_" + dbuf, stdout); } else { execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -m state --state NEW -j ISP_" + dbuf, stdout); - execute(string("iptables -t mangle -A OUTPUT ") + app_cmd + " -m state --state NEW -j ISP_" + dbuf, stdout); + execute(string("iptables -t mangle -A OUTPUT ") + app_cmd_local + " -m state --state NEW -j ISP_" + dbuf, stdout); } execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -j CONNMARK --restore-mark", stdout); - execute(string("iptables -t mangle -A OUTPUT ") + app_cmd + " -j CONNMARK --restore-mark", stdout); + execute(string("iptables -t mangle -A OUTPUT ") + app_cmd_local + " -j CONNMARK --restore-mark", stdout); } } ++iter; @@ -438,11 +439,11 @@ LBDecision::get_new_weights(LBData &data, LBRule &rule) * **/ string -LBDecision::get_application_cmd(LBRule &rule) +LBDecision::get_application_cmd(LBRule &rule, bool local) { string filter; - if (rule._in_iface.empty() == false) { + if (rule._in_iface.empty() == false && local == false) { filter += "-i " + rule._in_iface + " "; } |