diff options
| author | Michael Larson <mike@ft1.vyatta.com> | 2009-09-25 10:17:24 -0700 |
|---|---|---|
| committer | Michael Larson <mike@ft1.vyatta.com> | 2009-09-25 10:17:24 -0700 |
| commit | 6541bb6a056c8a7a9b06078241822a3396df23d5 (patch) | |
| tree | 344dfdeb0ae30e94064eba729239cf66e6b737f6 | |
| parent | e3cb982dc9d7480487349ec6ee1f917eac9c19e5 (diff) | |
| download | vyatta-wanloadbalance-6541bb6a056c8a7a9b06078241822a3396df23d5.tar.gz vyatta-wanloadbalance-6541bb6a056c8a7a9b06078241822a3396df23d5.zip | |
remove interface syntax checks. added icmp exclusion to locally sourced packets.
fix for bug: 4955 and 4957
| -rw-r--r-- | src/lbdecision.cc | 1 | ||||
| -rw-r--r-- | src/lbpathtest.cc | 3 | ||||
| -rw-r--r-- | templates/load-balancing/wan/interface-health/node.def | 10 | ||||
| -rw-r--r-- | templates/load-balancing/wan/rule/node.tag/interface/node.def | 10 |
4 files changed, 4 insertions, 20 deletions
diff --git a/src/lbdecision.cc b/src/lbdecision.cc index d6ef18e..eef5aa9 100644 --- a/src/lbdecision.cc +++ b/src/lbdecision.cc @@ -240,6 +240,7 @@ LBDecision::run(LBData &lb_data) execute("iptables -t mangle -F PREROUTING", stdout); execute("iptables -t mangle -F OUTPUT", stdout); execute("iptables -t mangle -A OUTPUT -m mark ! --mark 0 -j ACCEPT", stdout); //avoid packets set in prerouting table + execute("iptables -t mangle -A OUTPUT --proto icmp --icmp-type any -j ACCEPT", stdout); //avoid packets set in prerouting table //new request, bug 4112. flush conntrack tables if configured if (lb_data._flush_conntrack == true) { diff --git a/src/lbpathtest.cc b/src/lbpathtest.cc index d7ed6cd..10d56cf 100644 --- a/src/lbpathtest.cc +++ b/src/lbpathtest.cc @@ -209,6 +209,9 @@ LBPathTest::send(const string &iface, const string &target_addr, int packet_id) } // bind a socket to a device name (might not work on all systems): + if (_debug) { + cout << "LBPathTest::send(), caling setsockopt for " << iface << endl; + } if (setsockopt(_send_sock, SOL_SOCKET, SO_BINDTODEVICE, iface.c_str(), iface.size()) != 0) { syslog(LOG_ERR, "wan_lb: failure to bind to interface: %s", iface.c_str()); return; //will allow the test to time out then diff --git a/templates/load-balancing/wan/interface-health/node.def b/templates/load-balancing/wan/interface-health/node.def index 24a05c0..d393140 100644 --- a/templates/load-balancing/wan/interface-health/node.def +++ b/templates/load-balancing/wan/interface-health/node.def @@ -1,13 +1,3 @@ tag: type: txt help: Set interface name -syntax:expression: exec " \ - if [ -z \"`ip link | grep $VAR(@)`\" ]; then \ - echo Invalid interface [$VAR(@)]; \ - exit 1 ; \ - fi ; " -allowed: for dev in /sys/class/net/*; - do if [[ ! $dev =~ "net/lo" ]]; then - echo -n ${dev##*/} " " - fi - done diff --git a/templates/load-balancing/wan/rule/node.tag/interface/node.def b/templates/load-balancing/wan/rule/node.tag/interface/node.def index 24a05c0..d393140 100644 --- a/templates/load-balancing/wan/rule/node.tag/interface/node.def +++ b/templates/load-balancing/wan/rule/node.tag/interface/node.def @@ -1,13 +1,3 @@ tag: type: txt help: Set interface name -syntax:expression: exec " \ - if [ -z \"`ip link | grep $VAR(@)`\" ]; then \ - echo Invalid interface [$VAR(@)]; \ - exit 1 ; \ - fi ; " -allowed: for dev in /sys/class/net/*; - do if [[ ! $dev =~ "net/lo" ]]; then - echo -n ${dev##*/} " " - fi - done |