ipvs: drop SCTP connections depending on state

Drop SCTP connections under load (dropentry context) depending
on the protocol state, just like for TCP: INIT conns are
dropped immediately, established are dropped randomly while
connections in progress or shutdown are skipped.

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>

diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c
index c8c52a9..4c8e5c0 100644 (file)
--- a/net/netfilter/ipvs/ip_vs_conn.c
+++ b/net/netfilter/ipvs/ip_vs_conn.c
@@ -1231,6 +1231,18 @@ void ip_vs_random_dropentry(struct net *net)
                                default:
                                        continue;
                                }
+                       } else if (cp->protocol == IPPROTO_SCTP) {
+                               switch (cp->state) {
+                               case IP_VS_SCTP_S_INIT1:
+                               case IP_VS_SCTP_S_INIT:
+                                       break;
+                               case IP_VS_SCTP_S_ESTABLISHED:
+                                       if (todrop_entry(cp))
+                                               break;
+                                       continue;
+                               default:
+                                       continue;
+                               }
                        } else {
                                if (!todrop_entry(cp))
                                        continue;