[lvs-users] [PATCH 1/2] ipvsadm: restrict different address family
Julian Anastasov
ja at ssi.bg
Sat Aug 30 12:35:48 BST 2014
Now real server can have different address family only
for tunneling. For other modes it must match the service.
Signed-off-by: Julian Anastasov <ja at ssi.bg>
---
ipvsadm.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/ipvsadm.c b/ipvsadm.c
index d12070e..3000117 100644
--- a/ipvsadm.c
+++ b/ipvsadm.c
@@ -788,6 +788,12 @@ static int process_options(int argc, char **argv, int reading_stdin)
(ce.dest.conn_flags == IP_VS_CONN_F_TUNNEL
|| ce.dest.conn_flags == IP_VS_CONN_F_DROUTE))
ce.dest.port = ce.svc.port;
+
+ /* Tunneling allows different address family */
+ if (ce.dest.af != ce.svc.af &&
+ ce.dest.conn_flags != IP_VS_CONN_F_TUNNEL)
+ fail(2, "Different address family is allowed only "
+ "for tunneling servers");
}
switch (ce.cmd) {
--
1.9.0
More information about the lvs-users
mailing list