[CRIU] [PATCH 1/2] net/sysctl: fix ipv4 forwarding

Pavel Tikhomirov ptikhomirov at virtuozzo.com
Mon Jun 6 02:23:09 PDT 2016 

Restore all/accept_redirects and default/forwarding after
all/forwarding as the last can influence the former two.
(see inet_forward_change in kernel)

# sysctl -w net.ipv4.conf.all.forwarding=1
net.ipv4.conf.all.forwarding = 1
# sysctl -w net.ipv4.conf.default.forwarding=1
net.ipv4.conf.default.forwarding = 1
# sysctl -w net.ipv4.conf.all.forwarding=0
net.ipv4.conf.all.forwarding = 0
# sysctl net.ipv4.conf.default.forwarding
net.ipv4.conf.default.forwarding = 0

Not to break image backward/forward compatibility just append
another copy of "accept_redirects" to lists

Trigered with netns-dev test in VZ7CT with vzlinux-6-x86_64 template
https://jira.sw.ru/browse/PSBM-47355

Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
 criu/net.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/criu/net.c b/criu/net.c
index d57e0aa..4b30a35 100644
--- a/criu/net.c
+++ b/criu/net.c
@@ -108,6 +108,7 @@ static char *devconfs4[] = {
 	"ignore_routes_with_linkdown",
 	"drop_gratuitous_arp",
 	"drop_unicast_in_l2_multicast",
+	"accept_redirects",
 };
 
 char *devconfs6[] = {
@@ -153,6 +154,7 @@ char *devconfs6[] = {
 	"use_oif_addrs_only",
 	"use_optimistic",
 	"use_tempaddr",
+	"accept_redirects",
 };
 
 #define CONF_OPT_PATH "net/%s/conf/%s/%s"
@@ -1327,18 +1329,18 @@ static int restore_netns_conf(int pid, NetnsEntry **netns)
 	}
 
 	if ((*netns)->def_conf4) {
-		ret = ipv4_conf_op("default", (*netns)->def_conf4, (*netns)->n_def_conf4, CTL_WRITE, NULL);
+		ret = ipv4_conf_op("all", (*netns)->all_conf4, (*netns)->n_all_conf4, CTL_WRITE, NULL);
 		if (ret)
 			goto out;
-		ret = ipv4_conf_op("all", (*netns)->all_conf4, (*netns)->n_all_conf4, CTL_WRITE, NULL);
+		ret = ipv4_conf_op("default", (*netns)->def_conf4, (*netns)->n_def_conf4, CTL_WRITE, NULL);
 		if (ret)
 			goto out;
 	} else if ((*netns)->def_conf) {
 		/* Backward compatibility */
-		ret = ipv4_conf_op_old("default", (*netns)->def_conf, (*netns)->n_def_conf, CTL_WRITE, NULL);
+		ret = ipv4_conf_op_old("all", (*netns)->all_conf, (*netns)->n_all_conf, CTL_WRITE, NULL);
 		if (ret)
 			goto out;
-		ret = ipv4_conf_op_old("all", (*netns)->all_conf, (*netns)->n_all_conf, CTL_WRITE, NULL);
+		ret = ipv4_conf_op_old("default", (*netns)->def_conf, (*netns)->n_def_conf, CTL_WRITE, NULL);
 		if (ret)
 			goto out;
 	}
-- 
2.5.5

More information about the CRIU mailing list