summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorSven Wegener <sven.wegener@stealer.net>2008-09-05 16:53:49 +0200
committerSimon Horman <horms@verge.net.au>2008-09-08 09:34:45 +1000
commit3bfb92f4073aa829f8e67e459d54c79306ddbd73 (patch)
treed689e8afeac610e8a79a884ee83d2f33948c5297 /net
parent77eb851630bba8ea9962a1b2f01b23bd5d57c58e (diff)
ipvs: Reject ipv6 link-local addresses for destinations
We can't use non-local link-local addresses for destinations, without knowing the interface on which we can reach the address. Reject them for now. Signed-off-by: Sven Wegener <sven.wegener@stealer.net> Acked-by: Julius Volz <juliusv@google.com> Signed-off-by: Simon Horman <horms@verge.net.au>
Diffstat (limited to 'net')
-rw-r--r--net/ipv4/ipvs/ip_vs_ctl.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/net/ipv4/ipvs/ip_vs_ctl.c b/net/ipv4/ipvs/ip_vs_ctl.c
index d2dc05a843f..e53efe41f01 100644
--- a/net/ipv4/ipvs/ip_vs_ctl.c
+++ b/net/ipv4/ipvs/ip_vs_ctl.c
@@ -838,7 +838,8 @@ ip_vs_new_dest(struct ip_vs_service *svc, struct ip_vs_dest_user_kern *udest,
#ifdef CONFIG_IP_VS_IPV6
if (svc->af == AF_INET6) {
atype = ipv6_addr_type(&udest->addr.in6);
- if (!(atype & IPV6_ADDR_UNICAST) &&
+ if ((!(atype & IPV6_ADDR_UNICAST) ||
+ atype & IPV6_ADDR_LINKLOCAL) &&
!__ip_vs_addr_is_local_v6(&udest->addr.in6))
return -EINVAL;
} else