File portblock.patch of Package resource-agents.33230
diff --git a/heartbeat/portblock b/heartbeat/portblock
index 2e84a101..c59f2d3b 100755
--- a/heartbeat/portblock
+++ b/heartbeat/portblock
@@ -255,21 +255,39 @@ chain_isactive()
$IPTABLES $wait -n -L INPUT | grep "$PAT" >/dev/null
}
+dump_tcp_connections_netstat()
+{
+ netstat -tn |awk -F '[:[:space:]]+' '
+ $8 == "ESTABLISHED" && $4 == "'$OCF_RESKEY_ip'" \
+ {printf "%s:%s\t%s:%s\n", $4,$5, $6,$7}'
+}
+dump_tcp_connections_ss()
+{
+ ss -Htn state connected src $OCF_RESKEY_ip | \
+ sed -e 's/\[::ffff:\([.0-9]*\)\]/\1/g' | \
+ awk -F '[:[:space:]]+' '{printf "%s:%s\t%s:%s\n", $4,$5, $6,$7}'
+}
+
+dump_tcp_connections()
+{
+ if have_binary "ss"; then
+ dump_tcp_connections_ss
+ elif have_binary "netstat"; then
+ dump_tcp_connections_netstat
+ else
+ ocf_log err "neither ss nor netstat found"
+ exit $OCF_ERR_CONFIGURED
+ fi
+}
+
save_tcp_connections()
{
[ -z "$OCF_RESKEY_tickle_dir" ] && return
statefile=$OCF_RESKEY_tickle_dir/$OCF_RESKEY_ip
- if [ -z "$OCF_RESKEY_sync_script" ]; then
- netstat -tn |awk -F '[:[:space:]]+' '
- $8 == "ESTABLISHED" && $4 == "'$OCF_RESKEY_ip'" \
- {printf "%s:%s\t%s:%s\n", $4,$5, $6,$7}' |
- dd of="$statefile".new conv=fsync status=none &&
- mv "$statefile".new "$statefile"
- else
- netstat -tn |awk -F '[:[:space:]]+' '
- $8 == "ESTABLISHED" && $4 == "'$OCF_RESKEY_ip'" \
- {printf "%s:%s\t%s:%s\n", $4,$5, $6,$7}' \
- > $statefile
+ dump_tcp_connections |
+ dd of="$statefile".new conv=fsync status=none &&
+ mv "$statefile".new "$statefile"
+ if [ -n "$OCF_RESKEY_sync_script" ]; then
$OCF_RESKEY_sync_script $statefile > /dev/null 2>&1 &
fi
}
@@ -277,7 +295,8 @@ save_tcp_connections()
tickle_remote()
{
[ -z "$OCF_RESKEY_tickle_dir" ] && return
- echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle
+ [ -f "/proc/sys/net/ipv4/tcp_tw_recycle" ] && echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle
+ [ -f "/proc/sys/net/ipv4/tcp_tw_reuse" ] && echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse
f=$OCF_RESKEY_tickle_dir/$OCF_RESKEY_ip
[ -r $f ] || return
$TICKLETCP -n 3 < $f