diff options
author | Julian Anastasov <ja@ssi.bg> | 2014-08-30 14:35:48 +0300 |
---|---|---|
committer | Jesper Dangaard Brouer <brouer@redhat.com> | 2014-09-10 08:50:38 +0200 |
commit | ed4a811f3329af0791ee0a88218c18b369fb1949 (patch) | |
tree | acd74930c27e8036c63444c944e4a9ea0e5f26e3 | |
parent | 7c87583451e929fb5ce25e37ae1ade0b6e90e7aa (diff) | |
download | ipvsadm-ed4a811f3329af0791ee0a88218c18b369fb1949.tar.gz |
ipvsadm: restrict different address family
Now real server can have different address family only
for tunneling. For other modes it must match the service.
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com>
-rw-r--r-- | ipvsadm.c | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -788,6 +788,12 @@ static int process_options(int argc, char **argv, int reading_stdin) (ce.dest.conn_flags == IP_VS_CONN_F_TUNNEL || ce.dest.conn_flags == IP_VS_CONN_F_DROUTE)) ce.dest.port = ce.svc.port; + + /* Tunneling allows different address family */ + if (ce.dest.af != ce.svc.af && + ce.dest.conn_flags != IP_VS_CONN_F_TUNNEL) + fail(2, "Different address family is allowed only " + "for tunneling servers"); } switch (ce.cmd) { |