ipvs: fix oops in backup for fwmark conn templates Fixes bug http://bugzilla.kernel.org/show_bug.cgi?id=10556 where conn templates with protocol=IPPROTO_IP can oops backup box. Result from ip_vs_proto_get() should be checked because protocol value can be invalid or unsupported in backup. But for valid message we should not fail for templates which use IPPROTO_IP. Also, add checks to validate message limits and connection state. Show state NONE for templates using IPPROTO_IP. Signed-off-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: 2ad17defd596ca7e8ba782d5fc6950ee0e99513c [log] [tgz]
author: Julian Anastasov <ja@ssi.bg> Tue Apr 29 03:21:23 2008 -0700
committer: David S. Miller <davem@davemloft.net> Tue Apr 29 03:21:23 2008 -0700
tree: fa971402d7e832c3dcfa4bb2dd401b76f5249a58
parent: d69efb16891ddfa6c0b527f912a7193054d50281 [diff] [blame]
diff --git a/net/ipv4/ipvs/ip_vs_proto_esp.c b/net/ipv4/ipvs/ip_vs_proto_esp.c
index aef0d3e..db6a6b7 100644
--- a/net/ipv4/ipvs/ip_vs_proto_esp.c
+++ b/net/ipv4/ipvs/ip_vs_proto_esp.c

@@ -159,6 +159,7 @@
 struct ip_vs_protocol ip_vs_protocol_esp = {
 	.name =			"ESP",
 	.protocol =		IPPROTO_ESP,
+	.num_states =		1,
 	.dont_defrag =		1,
 	.init =			esp_init,
 	.exit =			esp_exit,
commit	2ad17defd596ca7e8ba782d5fc6950ee0e99513c	[log] [tgz]
author	Julian Anastasov <ja@ssi.bg>	Tue Apr 29 03:21:23 2008 -0700
committer	David S. Miller <davem@davemloft.net>	Tue Apr 29 03:21:23 2008 -0700
tree	fa971402d7e832c3dcfa4bb2dd401b76f5249a58
parent	d69efb16891ddfa6c0b527f912a7193054d50281 [diff] [blame]