[PATCH] ipvs: Reject ipv6 link-local addresses for destinations

To:	horms@xxxxxxxxxxxx
Subject:	[PATCH] ipvs: Reject ipv6 link-local addresses for destinations
Cc:	netdev@xxxxxxxxxxxxxxx, lvs-devel@xxxxxxxxxxxxxxx, kaber@xxxxxxxxx, vbusam@xxxxxxxxxx, Julius Volz <juliusv@xxxxxxxxxx>
From:	Sven Wegener <sven.wegener@xxxxxxxxxxx>
Date:	Fri, 5 Sep 2008 16:53:49 +0200 (CEST)

We can't use non-local link-local addresses for destinations, without
knowing the interface on which we can reach the address. Reject them for
now.

Signed-off-by: Sven Wegener <sven.wegener@xxxxxxxxxxx>
---
 net/ipv4/ipvs/ip_vs_ctl.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/net/ipv4/ipvs/ip_vs_ctl.c b/net/ipv4/ipvs/ip_vs_ctl.c
index d2dc05a..e53efe4 100644
--- a/net/ipv4/ipvs/ip_vs_ctl.c
+++ b/net/ipv4/ipvs/ip_vs_ctl.c
@@ -838,7 +838,8 @@ ip_vs_new_dest(struct ip_vs_service *svc, struct 
ip_vs_dest_user_kern *udest,
 #ifdef CONFIG_IP_VS_IPV6
        if (svc->af == AF_INET6) {
                atype = ipv6_addr_type(&udest->addr.in6);
-               if (!(atype & IPV6_ADDR_UNICAST) &&
+               if ((!(atype & IPV6_ADDR_UNICAST) ||
+                       atype & IPV6_ADDR_LINKLOCAL) &&
                        !__ip_vs_addr_is_local_v6(&udest->addr.in6))
                        return -EINVAL;
        } else
--
To unsubscribe from this list: send the line "unsubscribe lvs-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

<Prev in Thread]	Current Thread	[Next in Thread>
[PATCHv3 00/24] Add first IPv6 support to IPVS, Julius Volz [PATCHv3 00/24] Add first IPv6 support to IPVS, Julius Volz [PATCHv3 00/24] Add first IPv6 support to IPVS, Julius Volz [PATCHv3 00/24] Add first IPv6 support to IPVS, Julius Volz Re: [PATCHv3 00/24] Add first IPv6 support to IPVS, Julius Volz [PATCHv3 00/24] Add first IPv6 support to IPVS, Julius Volz [PATCHv3 03/24] IPVS: Add general v4/v6 helper functions / data structures, Julius Volz [PATCHv3 21/24] IPVS: Add function to determine if IPv6 address is local, Julius Volz [PATCH] ipvs: Reject ipv6 link-local addresses for destinations, Sven Wegener <= [PATCHv3 20/24] IPVS: Turn off FTP application helper for IPv6, Julius Volz [PATCHv3 13/24] IPVS: Add IPv6 support to xmit() support functions, Julius Volz [PATCHv3 10/24] IPVS: Add protocol debug functions for IPv6, Julius Volz [PATCH] ipvs: Mark tcp/udp v4 and v6 debug functions static, Sven Wegener [PATCHv3 23/24] IPVS: Activate IPv6 Netfilter hooks, Julius Volz [PATCHv3 18/24] IPVS: Convert procfs files for IPv6 entry output, Julius Volz [PATCHv3 19/24] IVPS: Disable sync daemon for IPv6 connections, Julius Volz [PATCHv3 02/24] IPVS: Change IPVS data structures to support IPv6 addresses, Julius Volz [PATCHv3 01/24] IPVS: Add CONFIG_IP_VS_IPV6 option for IPv6 support, Julius Volz [PATCHv3 15/24] IPVS: Extend scheduling functions for IPv6 support, Julius Volz

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	[PATCH] ipvs: Mark tcp/udp v4 and v6 debug functions static, Sven Wegener
Next by Date:	Re: [PATCH 2/2] ipvs: load balance ipv6 connections from a local process, Brian Haley
Previous by Thread:	[PATCHv3 21/24] IPVS: Add function to determine if IPv6 address is local, Julius Volz
Next by Thread:	[PATCHv3 20/24] IPVS: Turn off FTP application helper for IPv6, Julius Volz
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

[PATCH] ipvs: Mark tcp/udp v4 and v6 debug functions static, Sven Wegener

Next by Date:

Re: [PATCH 2/2] ipvs: load balance ipv6 connections from a local process, Brian Haley

Previous by Thread:

[PATCHv3 21/24] IPVS: Add function to determine if IPv6 address is local, Julius Volz

Next by Thread:

[PATCHv3 20/24] IPVS: Turn off FTP application helper for IPv6, Julius Volz

Indexes:

[Date] [Thread] [Top] [All Lists]