diff --git a/exec/coroparse.c b/exec/coroparse.c index 87bbcebd..0acb4c24 100644 --- a/exec/coroparse.c +++ b/exec/coroparse.c @@ -708,9 +708,6 @@ static int main_config_parser_cb(const char *path, (strcmp(path, "totem.miss_count_const") == 0) || (strcmp(path, "totem.knet_pmtud_interval") == 0) || (strcmp(path, "totem.knet_compression_threshold") == 0) || -#ifdef HAVE_KNET_ACCESS_LIST - (strcmp(path, "totem.knet_enable_access_lists") == 0) || -#endif (strcmp(path, "totem.netmtu") == 0)) { val_type = ICMAP_VALUETYPE_UINT32; if (safe_atoq(value, &val, val_type) != 0) { diff --git a/exec/totemknet.c b/exec/totemknet.c index 884eefe9..2af69b3d 100644 --- a/exec/totemknet.c +++ b/exec/totemknet.c @@ -740,12 +740,11 @@ static void timer_function_netif_check_timeout ( static void knet_set_access_list_config(struct totemknet_instance *instance) { #ifdef HAVE_KNET_ACCESS_LIST - uint32_t value = 0; /* disable by default */ + uint32_t value; cs_error_t err; - if (icmap_get_uint32("totem.knet_enable_access_lists", &value) == CS_OK) { - knet_log_printf (LOGSYS_LEVEL_DEBUG, "knet_enable access list: %d", value); - } + value = instance->totem_config->block_unlisted_ips; + knet_log_printf (LOGSYS_LEVEL_DEBUG, "knet_enable access list: %d", value); err = knet_handle_enable_access_lists(instance->knet_handle, value); if (err) { diff --git a/man/corosync.conf.5 b/man/corosync.conf.5 index 953c830d..0e1ef88a 100644 --- a/man/corosync.conf.5 +++ b/man/corosync.conf.5 @@ -566,14 +566,9 @@ knet_pmtud_interval How often the knet PMTUd runs to look for network MTU changes. Value in seconds, default: 30 -.TP -knet_enable_access_lists -Allow knet to drop packets from IP addresses that are not known to corosync. -Value is 0 (off) and 1 (on). Default: 0. - .TP block_unlisted_ips -Allow UDPU to drop packets from IP addresses that are not known +Allow UDPU and KNET to drop packets from IP addresses that are not known (nodes which don't exist in the nodelist) to corosync. Value is yes or no.