From caef7a2fa31f65003bbbb8c2ca4fc620490962e7 Mon Sep 17 00:00:00 2001
From: Daniil Baturin
Date: Fri, 17 Oct 2014 09:47:33 +0200
Subject: Revert "Vyatta Bugfix 6245: Sticky incoming connection support for WLB"
Replacing with an updated patch.
This reverts commit 461db303287b4f838b68b120a9656c9fc31070b2.
---
 src/lbdata.hh | 3 +--
 src/lbdatafactory.cc | 11 -----------
 src/lbdatafactory.hh | 3 ---
 src/lbdecision.cc | 17 ++---------------
 4 files changed, 3 insertions(+), 31 deletions(-)
(limited to 'src')
diff --git a/src/lbdata.hh b/src/lbdata.hh
index 0b4175c..3c86854 100644
--- a/src/lbdata.hh
+++ b/src/lbdata.hh
@@ -196,7 +196,7 @@ class LBData {
 typedef map::iterator InterfaceHealthIter;
 typedef map::const_iterator InterfaceHealthConstIter;
- LBData() : _disable_source_nat(false),_enable_local_traffic(false),_flush_conntrack(false),_sticky_inbound_connections(false) {}
+ LBData() : _disable_source_nat(false),_enable_local_traffic(false),_flush_conntrack(false) {}
 bool error() {return false;}
@@ -225,7 +225,6 @@ class LBData {
 bool _disable_source_nat;
 bool _enable_local_traffic;
 bool _flush_conntrack;
- bool _sticky_inbound_connections;
 string _hook;
 };
diff --git a/src/lbdatafactory.cc b/src/lbdatafactory.cc
index 9729e62..653e270 100644
--- a/src/lbdatafactory.cc
+++ b/src/lbdatafactory.cc
@@ -146,11 +146,6 @@ LBDataFactory::process(const vector &path, int depth, const string &key,
 else if (path[0] == "enable-local-traffic") {
 process_enablelocaltraffic(l_key,l_value);
 }
- else if (path[0] == "sticky-connections") {
- if (l_value == "inbound") {
- process_stickyinboundconnections(l_key,l_value);
- }
- }
 else if (path[0] == "flush-conntrack") {
 process_flushconntrack(l_key,l_value);
 }
@@ -229,12 +224,6 @@ LBDataFactory::process_enablelocaltraffic(const string &key, const string &value
 _lb_data._enable_local_traffic = true;
 }
-void
-LBDataFactory::process_stickyinboundconnections(const string &key, const string &value)
-{
- _lb_data._sticky_inbound_connections = true;
-}
-
 void
 LBDataFactory::process_flushconntrack(const string &key, const string &value)
 {
diff --git a/src/lbdatafactory.hh b/src/lbdatafactory.hh
index 9178e00..cfa62ee 100644
--- a/src/lbdatafactory.hh
+++ b/src/lbdatafactory.hh
@@ -46,9 +46,6 @@ private:
 void
 process_enablelocaltraffic(const string &key, const string &value);
- void
- process_stickyinboundconnections(const string &key, const string &value);
-
 void
 process_flushconntrack(const string &key, const string &value);
diff --git a/src/lbdecision.cc b/src/lbdecision.cc
index 2dd10a6..8774189 100644
--- a/src/lbdecision.cc
+++ b/src/lbdecision.cc
@@ -22,6 +22,7 @@ #include "lbdecision.hh"
 using namespace std;
+
 /*
 iptables -t mangle -N ISP1
 iptables -t mangle -A ISP1 -j CONNMARK --set-mark 1
@@ -163,15 +164,7 @@ if so then this stuff goes here!
 //NOTE, WILL NEED A WAY TO CLEAN UP THIS RULE ON RESTART...
 execute(string("iptables -t mangle -A ISP_") + iface + " -j ACCEPT", stdout);
-
- if (lbdata._sticky_inbound_connections == true) {
- //Mark incoming connections so that return packets go back on the same interface
- execute(string("iptables -t mangle -N ISP_") + iface + "_IN", stdout);
- execute(string("iptables -t mangle -F ISP_") + iface + "_IN", stdout);
- execute(string("iptables -t mangle -A ISP_") + iface + "_IN -j CONNMARK --set-mark " + buf, stdout);
- execute(string("iptables -t mangle -I PREROUTING -i ") + iface + " -m state --state NEW -j ISP_" + iface + "_IN", stdout);
- }
-
+
 //need to force the entry on restart as the configuration may have changed.
 if (iter->second._nexthop == "dhcp") {
 if (iter->second._dhcp_nexthop.empty() == false) {
@@ -493,12 +486,6 @@ LBDecision::shutdown(LBData &data)
 execute(string("iptables -t mangle -F ISP_") + h_iter->first,stdout);
 execute(string("iptables -t mangle -X ISP_") + h_iter->first,stdout);
- if (data._sticky_inbound_connections == true) {
- execute(string("iptables -t mangle -D PREROUTING -i ") + h_iter->first + " -m state --state NEW -j ISP_" + h_iter->first + "_IN", stdout);
- execute(string("iptables -t mangle -F ISP_") + h_iter->first + "_IN",stdout);
- execute(string("iptables -t mangle -X ISP_") + h_iter->first + "_IN",stdout);
- }
-
 ++h_iter;
 }
 }
--
cgit v1.2.3