• Taehee Yoo's avatar
    netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set · e6b1503c
    Taehee Yoo authored
    [ Upstream commit 06aa151ad1fc74a49b45336672515774a678d78d ]
    
    If same destination IP address config is already existing, that config is
    just used. MAC address also should be same.
    However, there is no MAC address checking routine.
    So that MAC address checking routine is added.
    
    test commands:
       %iptables -A INPUT -p tcp -i lo -d 192.168.0.5 --dport 80 \
    	   -j CLUSTERIP --new --hashmode sourceip \
    	   --clustermac 01:00:5e:00:00:20 --total-nodes 2 --local-node 1
       %iptables -A INPUT -p tcp -i lo -d 192.168.0.5 --dport 80 \
    	   -j CLUSTERIP --new --hashmode sourceip \
    	   --clustermac 01:00:5e:00:00:21 --total-nodes 2 --local-node 1
    
    After this patch, above commands are disallowed.
    Signed-off-by: 's avatarTaehee Yoo <ap420073@gmail.com>
    Signed-off-by: 's avatarPablo Neira Ayuso <pablo@netfilter.org>
    Signed-off-by: 's avatarSasha Levin <sashal@kernel.org>
    e6b1503c
Name
Last commit
Last update
..
6lowpan Loading commit data...
802 Loading commit data...
8021q Loading commit data...
9p Loading commit data...
appletalk Loading commit data...
atm Loading commit data...
ax25 Loading commit data...
batman-adv Loading commit data...
bluetooth Loading commit data...
bpf Loading commit data...
bridge Loading commit data...
caif Loading commit data...
can Loading commit data...
ceph Loading commit data...
core Loading commit data...
dcb Loading commit data...
dccp Loading commit data...
decnet Loading commit data...
dns_resolver Loading commit data...
dsa Loading commit data...
ethernet Loading commit data...
hsr Loading commit data...
ieee802154 Loading commit data...
ife Loading commit data...
ipv4 Loading commit data...
ipv6 Loading commit data...
ipx Loading commit data...
iucv Loading commit data...
kcm Loading commit data...
key Loading commit data...
l2tp Loading commit data...
l3mdev Loading commit data...
lapb Loading commit data...
llc Loading commit data...
mac80211 Loading commit data...
mac802154 Loading commit data...
mpls Loading commit data...
ncsi Loading commit data...
netfilter Loading commit data...
netlabel Loading commit data...
netlink Loading commit data...
netrom Loading commit data...
nfc Loading commit data...
nsh Loading commit data...
openvswitch Loading commit data...
packet Loading commit data...
phonet Loading commit data...
psample Loading commit data...
qrtr Loading commit data...
rds Loading commit data...
rfkill Loading commit data...
rose Loading commit data...
rxrpc Loading commit data...
sched Loading commit data...
sctp Loading commit data...
smc Loading commit data...
strparser Loading commit data...
sunrpc Loading commit data...
switchdev Loading commit data...
tipc Loading commit data...
tls Loading commit data...
unix Loading commit data...
vmw_vsock Loading commit data...
wimax Loading commit data...
wireless Loading commit data...
x25 Loading commit data...
xfrm Loading commit data...
Kconfig Loading commit data...
Makefile Loading commit data...
compat.c Loading commit data...
socket.c Loading commit data...
sysctl_net.c Loading commit data...