| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 May 2007 16:32:02 +0200 From: Patrick McHardy <kaber@...sh.net> To: Janusz Krzysztofik <jkrzyszt@....icnet.pl> CC: David Miller <davem@...emloft.net>, horms@...ge.net.au, netdev@...r.kernel.org Subject: Re: [IPV4] LVS: Allow to send ICMP unreachable responses when real-servers are removed Janusz Krzysztofik wrote: > David Miller wrote: > >>> BTW, there doesn't even seem to be a spot where IPVS calls >>> ip_route_output with the source address set. What exactly is this >>> needed for? >> >> >> I suppose he has a patch to make use of it, but was waiting >> for this route.c change to go in first. > > > If you mean me, the answer is no, I do not have any patch making use of > the change in question. What I have is rather a complicated method of > notifying udp clients on communication problems before they are > redirected to a new real server. My method needs some IPVS related > patches, but ICMP port unreachable messages are not generated inside > IPVS code, they are just sent, with help of the patch in question, from > udp_input() or netfilter REJECT. Both use icmp_send(), which should always pick a local source, so I don't understand why this change was needed. Could you describe the specific case when the packet generated by icmp_send() does not have a local source? - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists