Hello,
On Sat, 20 May 2000, Horms wrote:
> > For VS/NAT we use dport. For all other methods we don't
> > use dport. Maybe we have to stop inheriting dport from vport
> > in ipvsadm for fwmark services->destinations? For the normal services we
> > have vport!=0 and it can be inherited. Is that correct? Maybe
> > we can restrict it only for VS/NAT mode? All other methods can
> > use dport=0 when fwmark!=0.
>
> I'm working on a patch that should use the port from the incoming
> connection for VS/NAT if fwmark is used.
Wonderful! ipvsadm.c must not inherit dport for VS/NAT
destination when the service is fwmark based. We can't inherit
the dport from packets. For VS/NAT destinations it is possible
dport!=vport. So, only ipvsadm.c needs to be patched. We have
to disallow specifying VS/NAT destinations with dport=0 for
fwmark based services. We can't inherit any port. We need this
port to be specified by the user.
Regards
--
Julian Anastasov <uli@xxxxxxxxxxxxxxxxxxxxxx>
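
The port rule discussed in this message, written out as an added example; it is not code from ipvsadm.c or from either poster. The types, the names `resolve_dport`, `struct service` and `struct dest`, and the choice to ignore a user-supplied dport for non-NAT methods are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical types for illustration; not the structures ipvsadm uses. */
enum fwd_method { FWD_NAT, FWD_TUN, FWD_DR };

struct service { uint32_t fwmark; uint16_t vport; };     /* fwmark != 0 implies vport == 0 */
struct dest    { enum fwd_method fwd; uint16_t dport; }; /* dport == 0: not given by user */

/*
 * Decide which destination port to store for a real server.
 * Returns 0 and writes *out on success, -1 when the user must supply a port.
 */
int resolve_dport(const struct service *svc, const struct dest *d, uint16_t *out)
{
    if (d->fwd != FWD_NAT) {
        /* Only VS/NAT uses dport. A normal service inherits vport;
         * a fwmark service has no vport, so dport stays 0. */
        *out = svc->fwmark ? 0 : svc->vport;
        return 0;
    }
    if (d->dport != 0) {
        /* VS/NAT may map to a port different from the virtual one. */
        *out = d->dport;
        return 0;
    }
    if (svc->fwmark != 0)
        return -1;          /* no vport to inherit: reject dport=0 */
    *out = svc->vport;      /* normal service: inherit vport */
    return 0;
}

int main(void)
{
    /* Constructed sample input: one fwmark service, one normal TCP service. */
    struct service fw = { 1, 0 }, tcp = { 0, 80 };
    struct dest cases[] = { { FWD_NAT, 0 }, { FWD_NAT, 8080 }, { FWD_DR, 0 } };
    const struct service *svcs[] = { &fw, &tcp };

    for (int s = 0; s < 2; s++)
        for (int i = 0; i < 3; i++) {
            uint16_t port = 0;
            int rc = resolve_dport(svcs[s], &cases[i], &port);
            printf("fwmark=%u fwd=%d dport=%u -> rc=%d port=%u\n",
                   (unsigned)svcs[s]->fwmark, (int)cases[i].fwd,
                   (unsigned)cases[i].dport, rc, (unsigned)port);
        }
    return 0;
}
```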