|
Hello,
On Fri, 6 Feb 2015, Alexey Andriyanov wrote:
> The current code prevents any operation with a mixed-family dest
> unless IP_VS_CONN_F_TUNNEL flag is set. The problem is that it's impossible
> for the client to follow this rule, because ip_vs_genl_parse_dest does
> not even read the destination conn_flags when cmd = IPVS_CMD_DEL_DEST
> (need_full_dest = 0).
>
> Also, not every client can pass this flag when removing a dest. ipvsadm,
> for example, does not support the "-i" command line option together with
> the "-d" option.
>
> This change disables any checks for mixed-family on IPVS_CMD_DEL_DEST command.
>
> Signed-off-by: Alexey Andriyanov <alan@xxxxxxxxxx>
Good catch.
Fixes: bc18d37f676f ("ipvs: Allow heterogeneous pools now that we support them")
Acked-by: Julian Anastasov <ja@xxxxxx>
Simon, please apply this bug fix.
> ---
> net/netfilter/ipvs/ip_vs_ctl.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
> index ac7ba68..5b373c3 100644
> --- a/net/netfilter/ipvs/ip_vs_ctl.c
> +++ b/net/netfilter/ipvs/ip_vs_ctl.c
> @@ -3400,7 +3400,7 @@ static int ip_vs_genl_set_cmd(struct sk_buff *skb,
> struct genl_info *info)
> if (udest.af == 0)
> udest.af = svc->af;
>
> - if (udest.af != svc->af) {
> + if (udest.af != svc->af && cmd != IPVS_CMD_DEL_DEST) {
> /* The synchronization protocol is incompatible
> * with mixed family services
> */
> --
> 1.7.9.5
>
Regards
--
Julian Anastasov <ja@xxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe lvs-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
|
