On 01/04/2011 11:14 PM, Laine Stump wrote: > Although the upper-layer code protected against it, it was possible to > call iptablesForwardMasquerade() with an IPv6 address and have it > attempt to add a rule to the MASQUERADE chain of ip6tables (which > doesn't exist). > > This patch changes that function to check the protocol of the given > address, generate an error log if it's not IPv4 (AF_INET), and finally > hardcodes all the family parameters sent down to lower-level functions.
ACK. -- Eric Blake [email protected] +1-801-349-2682 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/libvir-list
