knet: Use block_unlisted_ips

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>

exec/coroparse.c

@@ -708,9 +708,6 @@ static int main_config_parser_cb(const char *path,
 			    (strcmp(path, "totem.miss_count_const") == 0) ||
 			    (strcmp(path, "totem.knet_pmtud_interval") == 0) ||
 			    (strcmp(path, "totem.knet_compression_threshold") == 0) ||
-#ifdef HAVE_KNET_ACCESS_LIST
-			    (strcmp(path, "totem.knet_enable_access_lists") == 0) ||
-#endif
 			    (strcmp(path, "totem.netmtu") == 0)) {
 				val_type = ICMAP_VALUETYPE_UINT32;
 				if (safe_atoq(value, &val, val_type) != 0) {

exec/totemknet.c

@@ -740,12 +740,11 @@ static void timer_function_netif_check_timeout (
 static void knet_set_access_list_config(struct totemknet_instance *instance)
 {
 #ifdef HAVE_KNET_ACCESS_LIST
-	uint32_t value = 0; /* disable by default */
+	uint32_t value;
 	cs_error_t err;
 
-	if (icmap_get_uint32("totem.knet_enable_access_lists", &value) == CS_OK) {
-		knet_log_printf (LOGSYS_LEVEL_DEBUG, "knet_enable access list: %d", value);
-        }
+	value = instance->totem_config->block_unlisted_ips;
+	knet_log_printf (LOGSYS_LEVEL_DEBUG, "knet_enable access list: %d", value);
 
 	err = knet_handle_enable_access_lists(instance->knet_handle, value);
 	if (err) {

man/corosync.conf.5

@@ -566,14 +566,9 @@ knet_pmtud_interval
 How often the knet PMTUd runs to look for network MTU changes.
 Value in seconds, default: 30
 
-.TP
-knet_enable_access_lists
-Allow knet to drop packets from IP addresses that are not known to corosync.
-Value is 0 (off) and 1 (on). Default: 0.
-
 .TP
 block_unlisted_ips
-Allow UDPU to drop packets from IP addresses that are not known
+Allow UDPU and KNET to drop packets from IP addresses that are not known
 (nodes which don't exist in the nodelist) to corosync.
 Value is yes or no.