[Debian] Re: lenny updates (networking)

Ola Lundqvist ola at inguza.com
Mon Mar 16 07:47:39 EDT 2009


Hi Kir

Quoting Kir Kolyshkin <kir at openvz.org>:

> Ola Lundqvist wrote:
[...]
>>> http://git.openvz.org/?p=linux-2.6.26-openvz;a=commitdiff;h=ce67d5b4cc85fa0c6a6d226d436276ab307ae041
>>> iptables: setup init iptables mask before net initialization
>>> Trivial fix for IPv6 iptables in container. Not an ABI breaker.
>>> Attached as 0042*
>>>
>>
>> IPv6 is not really working in the current version. However this is   
>> an improvement to the current state.
>> Not sure it should be included. I have added to my test build but I  
>>  think I need advice from Dann here.
>>
>
> So we can either disable IPv6 in config or fix it. It's up to you/Dann
> to decide. I'd go with fixing.

I tend to agree.

> Speaking of IPv6, we also have a bunch of patches for ipv6 conntracks
> in containers which I haven't sent since it looks more like a new
> functionality rather than a bugfix.

If it is new functionality, then it can not go in. However if it is  
fixes (>= important) then it should go in. So if you see any important  
ones please let me know.

>>
>>> http://git.openvz.org/?p=linux-2.6.26-openvz;a=commitdiff;h=fffc6ffba65ec0b12aeb89f2e4a448785298aa75
>>> net: set ve context when init/exit method is called
>>> Attached as 0043*
>>>
>>
>> Security issue?
>>
>
> No. Deadlocks/leaks on VE stop.

I personally consider deadlock as a denial of service. However this  
can only be done by root. On the other hand I assume it is still  
important to fix it.

[...]

Best regards,

// Ola


-- 
  --- Inguza Technology AB --- MSc in Information Technology ----
/  ola at inguza.com                    Annebergsslingan 37        \
|  opal at debian.org                   654 65 KARLSTAD            |
|  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
  ---------------------------------------------------------------




More information about the Debian mailing list