lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Dec 2009 14:55:05 +1100 From: Simon Horman <horms@...ge.net.au> To: lvs-devel@...r.kernel.org, netfilter-devel@...r.kernel.org, netdev@...r.kernel.org Cc: Deon van der Merwe <dvdm@...teq.co.za>, Julian Anastasov <ja@....bg>, Patrick McHardy <kaber@...sh.net> Subject: [patch] ipvs: fwmark services don't have ports Make sure that the port for fwmark services is always zero, it seems that in some cases ipvsadm provides bogus port values for fwmark services. As observed by Deon van der Merwe, this manifests as a clients not being able to connect to the virtual service if persistence is set. Tested-by: Deon van der Merwe <dvdm@...teq.co.za> Signed-off-by: Simon Horman <horms@...ge.net.au> --- I believe that this fixes a bug and as such is suitable for -stable. However, Its taken a few release for anyone to bring this to our attention, so it doesn't seem to be causing much pain in the wild. Discussion of this problem: http://archive.linuxvirtualserver.org/html/lvs-users/2009-11/msg00043.html diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index e01061f..9a4ccd4 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c @@ -1188,8 +1188,9 @@ ip_vs_add_service(struct ip_vs_service_user_kern *u, svc->af = u->af; svc->protocol = u->protocol; ip_vs_addr_copy(svc->af, &svc->addr, &u->addr); - svc->port = u->port; svc->fwmark = u->fwmark; + if (!svc->fwmark) + svc->port = u->port; svc->flags = u->flags; svc->timeout = u->timeout * HZ; svc->netmask = u->netmask; -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists