From 468819070db11baa989a935bfa5e44c823ef9ca1 Mon Sep 17 00:00:00 2001 From: Martin Schwenke Date: Sat, 20 Dec 2014 19:54:13 +1100 Subject: [PATCH 1/2] ctdb-tests: Fix tickle sniffing for IPv4 tcptickle_sniff_start() assumes that if $dst contains a ': then it should use the IPv6 sniffing code. However, $dst is a socket, so has a trailing ":". Strip the trailing ":" before checking for ':' as a marker for an IPv6 address. Signed-off-by: Martin Schwenke Reviewed-by: Michael Adam (cherry picked from commit 82aa6bd2f27775f3fd82931d613379d5d618ef70) --- ctdb/tests/complex/scripts/local.bash | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ctdb/tests/complex/scripts/local.bash b/ctdb/tests/complex/scripts/local.bash index 9c41af2..2dd62a8 100644 --- a/ctdb/tests/complex/scripts/local.bash +++ b/ctdb/tests/complex/scripts/local.bash @@ -185,7 +185,7 @@ tcptickle_sniff_start () local src="$1" local dst="$2" - case "$dst" in + case "${dst%:*}" in *:*) tcp6tickle_sniff_start "$src" "$dst" ;; *) tcp4tickle_sniff_start "$src" "$dst" ;; esac -- 2.1.4 From bb66dbe131dba03adbab62deb9fbfb6b8eb41b8f Mon Sep 17 00:00:00 2001 From: Martin Schwenke Date: Tue, 30 Dec 2014 16:04:00 +1100 Subject: [PATCH 2/2] ctdb-scripts: Call iptables/ip6tables directly from iptables_wrapper Drops the iptables() and ip6tables() functions and, hence, the hardcoding of paths /sbin/iptables and /sbin/ip6tables. The latter avoids problems on openSUSE where (for example) /usr/sbin/iptables is used instead. This means that locking around ip*tables commands is only done when iptables_wrapper is called directly. This is fine because the only conflict is when "releaseip" or "takeip"/"updateip" events are run in parallel. The other uses in 11.natgw and 70.iscsi are in events where there will be no collisions. Making 11.natgw support IPv6 is unnecessary. Just put a static IPv6 address on each interface - they're plentiful. Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs Autobuild-User(master): Amitay Isaacs Autobuild-Date(master): Wed Jan 28 08:29:55 CET 2015 on sn-devel-104 (cherry picked from commit ab51f283e7a7f4fc82a94d39e7bb3a68e8aac554) --- ctdb/config/functions | 16 +++++----------- ctdb/tests/eventscripts/etc-ctdb/rc.local | 4 +++- 2 files changed, 8 insertions(+), 12 deletions(-) diff --git a/ctdb/config/functions b/ctdb/config/functions index 1583bfc..89be90b 100755 --- a/ctdb/config/functions +++ b/ctdb/config/functions @@ -1365,23 +1365,17 @@ ctdb_standard_event_handler () esac } -# iptables doesn't like being re-entered, so flock-wrap it. -iptables () -{ - flock -w 30 $CTDB_VARDIR/iptables-ctdb.flock /sbin/iptables "$@" -} -ip6tables () -{ - flock -w 30 $CTDB_VARDIR/iptables-ctdb.flock /sbin/ip6tables "$@" -} iptables_wrapper () { _family="$1" ; shift if [ "$_family" = "inet6" ] ; then - ip6tables "$@" + _iptables_cmd="ip6tables" else - iptables "$@" + _iptables_cmd="iptables" fi + + # iptables doesn't like being re-entered, so flock-wrap it. + flock -w 30 "${CTDB_VARDIR}/iptables-ctdb.flock" "$_iptables_cmd" "$@" } # AIX (and perhaps others?) doesn't have mktemp diff --git a/ctdb/tests/eventscripts/etc-ctdb/rc.local b/ctdb/tests/eventscripts/etc-ctdb/rc.local index 0dc531f..0291e57 100755 --- a/ctdb/tests/eventscripts/etc-ctdb/rc.local +++ b/ctdb/tests/eventscripts/etc-ctdb/rc.local @@ -51,8 +51,10 @@ get_proc () esac } -# Always succeeds +# Always succeed iptables () { : ; } +ip6tables () { : ; } +iptables_wrapper () { : ; } # Do not actually background - we want to see the output background_with_logging () -- 2.1.4