On 08/27/2014 08:55 PM, Simon Horman wrote:
> On Fri, Aug 22, 2014 at 05:53:41PM +0300, Julian Anastasov wrote:
>> commit fc604767613b6d2036cdc35b660bc39451040a47
>> ("ipvs: changes for local real server") from 2.6.37
>> introduced DNAT support to local real server but the
>> IPv6 LOCAL_OUT handler ip_vs_local_reply6() is
>> registered incorrectly as IPv4 hook causing any outgoing
>> IPv4 traffic to be dropped depending on the IP header values.
>>
>> Chris tracked down the problem to CONFIG_IP_VS_IPV6=y
>> Bug report: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1349768
>>
>> Reported-by: Chris J Arges <chris.j.arges@xxxxxxxxxxxxx>
>> Tested-by: Chris J Arges <chris.j.arges@xxxxxxxxxxxxx>
>> Signed-off-by: Julian Anastasov <ja@xxxxxx>
>
> Thanks, and sorry for the delay.
> I have queued this up in the ipvs tree as a fix for v3.17.
> I also plan to ask for it to be considered for -stable.
>
Julian,
Has this been queued up for netdev stable? Or should I send an email?
Thanks,
--chris j arges
>> ---
>> net/netfilter/ipvs/ip_vs_core.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
>> index e683675..5c34e8d 100644
>> --- a/net/netfilter/ipvs/ip_vs_core.c
>> +++ b/net/netfilter/ipvs/ip_vs_core.c
>> @@ -1906,7 +1906,7 @@ static struct nf_hook_ops ip_vs_ops[] __read_mostly = {
>> {
>> .hook = ip_vs_local_reply6,
>> .owner = THIS_MODULE,
>> - .pf = NFPROTO_IPV4,
>> + .pf = NFPROTO_IPV6,
>> .hooknum = NF_INET_LOCAL_OUT,
>> .priority = NF_IP6_PRI_NAT_DST + 1,
>> },
>> --
>> 1.9.0
>>
>
--
To unsubscribe from this list: send the line "unsubscribe lvs-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
