Home » Mailing list archives » linux-netdev » 2007 » October » 13

[PATCH 03/14] Allow binding to non-local addresses if IP_TRANSPARENT is set

!MAILaRCHIVE_VOTE_RePLACE
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: KOVACS Krisztian <hidden@...>
To: David Miller <davem@...>
Cc: Patrick McHardy <kaber@...>, <netdev@...>
Subject: [PATCH 03/14] Allow binding to non-local addresses if IP_TRANSPARENT is set
Date: Saturday, October 13, 2007 - 1:30 pm

Setting IP_TRANSPARENT is not really useful without allowing non-local
binds for the socket. To make user-space code simpler we allow these binds
even if IP_TRANSPARENT is set but IP_FREEBIND is not.

Signed-off-by: Tóth László Attila <panther@balabit.hu>
Acked-by: Patrick McHardy <kaber@trash.net>
---

 net/ipv4/af_inet.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index 621b128..4049a74 100644
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -451,7 +451,7 @@ int inet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
 	 */
 	err = -EADDRNOTAVAIL;
 	if (!sysctl_ip_nonlocal_bind &&
-	    !inet->freebind &&
+	    !(inet->freebind || inet->transparent) &&
 	    addr->sin_addr.s_addr != INADDR_ANY &&
 	    chk_addr_ret != RTN_LOCAL &&
 	    chk_addr_ret != RTN_MULTICAST &&

-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
[PATCH 00/14] Transparent Proxying Patches, Take 5, KOVACS Krisztian, (Sat Oct 13, 1:28 pm)
Re: [PATCH 00/14] Transparent Proxying Patches, Take 5, David Miller, (Sat Oct 13, 6:44 pm)
Re: [PATCH 00/14] Transparent Proxying Patches, Take 5, KOVACS Krisztian, (Sun Oct 14, 5:05 am)
[PATCH 08/14] Split Netfilter IPv4 defragmentation into a se..., KOVACS Krisztian, (Sat Oct 13, 1:33 pm)
[PATCH 07/14] Export UDP socket lookup function, KOVACS Krisztian, (Sat Oct 13, 1:32 pm)
[PATCH 09/14] iptables tproxy core, KOVACS Krisztian, (Sat Oct 13, 1:33 pm)
[PATCH 06/14] Port redirection support for TCP, KOVACS Krisztian, (Sat Oct 13, 1:32 pm)
[PATCH 04/14] Conditionally enable transparent flow flag whe..., KOVACS Krisztian, (Sat Oct 13, 1:31 pm)
[PATCH 05/14] Handle TCP SYN+ACK/ACK/RST transparency, KOVACS Krisztian, (Sat Oct 13, 1:31 pm)
[PATCH 03/14] Allow binding to non-local addresses if IP_TRA..., KOVACS Krisztian, (Sat Oct 13, 1:30 pm)
[PATCH 02/14] Implement IP_TRANSPARENT socket option, KOVACS Krisztian, (Sat Oct 13, 1:29 pm)
[PATCH 01/14] Loosen source address check on IPv4 output, KOVACS Krisztian, (Sat Oct 13, 1:29 pm)
[PATCH 14/14] Add documentation, KOVACS Krisztian, (Sat Oct 13, 1:36 pm)
[PATCH 13/14] Don't lookup the socket if there's a socket at..., KOVACS Krisztian, (Sat Oct 13, 1:35 pm)
[PATCH 12/14] Don't lookup the socket if there's a socket at..., KOVACS Krisztian, (Sat Oct 13, 1:35 pm)
[PATCH 11/14] iptables TPROXY target, KOVACS Krisztian, (Sat Oct 13, 1:34 pm)
[PATCH 10/14] iptables socket match, KOVACS Krisztian, (Sat Oct 13, 1:34 pm)