tech-userlevel archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Limiting rpc.lockd to IPv4 only
Based on the discussion, I have modified my changes to provide the
following options and behavior:
-4 specifically request/require IPv4 service
-6 specifically request/require IPv6 service
If neither option is specified, behavior is unchanged from previous. It
will provide IPv4 service, and also IPv6 service if kernel supports it.
Specifying both -4 and -6 will request both protocols, and will fail if
either protocol is unavailable.
-------------------------------------------------------------------------
| Paul Goyette | PGP Key fingerprint: | E-mail addresses: |
| Customer Service | FA29 0E3B 35AF E8AE 6651 | paul at whooppee.com |
| Network Engineer | 0786 F758 55DE 53BA 7731 | pgoyette at juniper.net |
| Kernel Developer | | pgoyette at netbsd.org |
-------------------------------------------------------------------------
Index: lockd.c
===================================================================
RCS file: /cvsroot/src/usr.sbin/rpc.lockd/lockd.c,v
retrieving revision 1.10
diff -u -p -r1.10 lockd.c
--- lockd.c 15 Dec 2007 19:44:56 -0000 1.10
+++ lockd.c 12 Aug 2012 15:50:18 -0000
@@ -51,6 +51,7 @@ __RCSID("$NetBSD: lockd.c,v 1.10 2007/12
#include <err.h>
#include <stdio.h>
#include <stdlib.h>
+#include <stdbool.h>
#include <errno.h>
#include <syslog.h>
#include <signal.h>
@@ -84,14 +85,16 @@ int
main(int argc, char **argv)
{
SVCXPRT *transp;
- int ch, i, maxindex, s;
+ int ch, i, minindex, maxindex, s;
+ bool use_ipv4, use_ipv6;
struct sigaction sigchild, sigalarm;
int grace_period = 30;
struct netconfig *nconf;
int maxrec = RPC_MAXDATASIZE;
(void)setprogname(*argv);
- while ((ch = getopt(argc, argv, "d:g:")) != (-1)) {
+ use_ipv4 = use_ipv6 = false;
+ while ((ch = getopt(argc, argv, "d:g:46")) != (-1)) {
switch (ch) {
case 'd':
debug_level = atoi(optarg);
@@ -107,6 +110,12 @@ main(int argc, char **argv)
/* NOTREACHED */
}
break;
+ case '4':
+ use_ipv4 = true;
+ break;
+ case '6':
+ use_ipv6 = true;
+ break;
default:
case '?':
usage();
@@ -119,23 +128,31 @@ main(int argc, char **argv)
(void)rpcb_unset(NLM_PROG, NLM_VERSX, NULL);
(void)rpcb_unset(NLM_PROG, NLM_VERS4, NULL);
- /*
- * Check if IPv6 support is present.
- */
- s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
- if (s < 0)
- maxindex = 2;
- else {
- (void)close(s);
- maxindex = 4;
+ if (!use_ipv4 && !use_ipv6) {
+ s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
+ if (s < 0)
+ use_ipv4 = true;
+ else {
+ (void)close(s);
+ use_ipv4 = use_ipv6 = true;
+ }
}
+ if (use_ipv4)
+ minindex = 0;
+ else
+ minindex = 2;
+
+ if (use_ipv6)
+ maxindex = 4;
+ else
+ maxindex = 2;
(void)rpc_control(RPC_SVC_CONNMAXREC_SET, &maxrec);
- for (i = 0; i < maxindex; i++) {
+ for (i = minindex; i < maxindex; i++) {
nconf = getnetconfigent(transports[i]);
if (nconf == NULL)
- errx(1, "cannot get udp netconf.");
+ errx(1, "cannot get %s netconf.", transports[i]);
transp = svc_tli_create(RPC_ANYFD, nconf, NULL, RPC_MAXDATASIZE,
RPC_MAXDATASIZE);
Index: rpc.lockd.8
===================================================================
RCS file: /cvsroot/src/usr.sbin/rpc.lockd/rpc.lockd.8,v
retrieving revision 1.6
diff -u -p -r1.6 rpc.lockd.8
--- rpc.lockd.8 2 Feb 2002 01:42:45 -0000 1.6
+++ rpc.lockd.8 12 Aug 2012 15:50:18 -0000
@@ -32,7 +32,7 @@
.\" SUCH DAMAGE.
.\"
.\"
-.Dd September 24, 1995
+.Dd August 11, 2012
.Dt RPC.LOCKD 8
.Os
.Sh NAME
@@ -42,6 +42,7 @@
.Nm
.Op Fl d Ar debug_level
.Op Fl g Ar grace period
+.Op Fl 46
.Sh DESCRIPTION
The
.Nm
@@ -71,6 +72,14 @@ option allow to specify the grace period
.Nm
only accepts requests from hosts which are reinitialising locks which
existed before the server restart. Default is 30 seconds.
+.It Fl 4
+.It Fl 6
+Specify whether
+.Nm
+should register for IPv4 and IPv6 clients, respectively.
+By default,
+.Nm
+will register for both IPv4 and IPv6 if IPv6 support is available.
.El
.Pp
Error conditions are logged to syslog, irrespective of the debug level,
Home |
Main Index |
Thread Index |
Old Index