git.ipfire.org Git - thirdparty/samba.git/commitdiff
ctdb-scripts: Don't list connections when not hosting IPs
author Martin Schwenke <mschwenke@ddn.com>
Thu, 19 Sep 2024 03:52:48 +0000 (13:52 +1000)
committer Jule Anger <janger@samba.org>
Mon, 25 Nov 2024 12:39:11 +0000 (12:39 +0000)
With an empty IP filter, all incoming connections to port 2049 will be
listed, not just those to public IP addresses.  This causes error
messages like the following to be logged:

  ctdb-eventd[...]: 60.nfs: Failed to add 1 tickles

since the connection being added seems to be for a random NFS mount
that doesn't use a public IP address.

This has been a problem for a long time (probably since commit
04fe9e20749985c71fef1bce7f6e4c439fe11c81 in 2015).  It isn't currently
a huge deal because it only affects NFS connections.  However, this
code will soon be used to track connections to public IP addresses on
all ports.  This would result in a constant stream of log messages,
since there will always be some active connections.

The theory behind the fix is that if a node hosts no public IPs then
it should have no relevant connections and has no business changing
the list of registered tickles.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15320
RN: Update CTDB to track all TCP connections to public IP addresses

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
(cherry picked from commit 1a4a6c46f1cdabfea67c264d6576a597a70c3007)

ctdb/config/functions

index a40b276e2b854da3794caa139b1b97d4c0f77213..d56dc745c9a50d80d29fd914d736507169364c41 100755 (executable)
@@ -1104,6 +1104,10 @@ update_tickles()
        # What public IPs do I hold?
        _pnn=$(ctdb_get_pnn)
        _ips=$($CTDB -X ip | awk -F'|' -v pnn="$_pnn" '$3 == pnn {print $2}')
+       # If not hosting any public IPs then can't have any connections...
+       if [ -z "$_ips" ]; then
+               return
+       fi
 
        # IPs and port as ss filters
        _ip_filter=""
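Review bot: The new `[ -z "$_ips" ]` test cannot distinguish "this node hosts no public IPs" from "`$CTDB -X ip` failed", because `_ips` is filled from a pipeline whose exit status is awk's; a failed ctdb call also produces an empty string, and update_tickles() now returns silently in that case without touching the tickle list. If that is the intended behaviour, state it in the comment; otherwise check the result of the ctdb command before the emptiness test. The bare `return` takes its status from the preceding test, so `return 0` would make the intended success status explicit. The comment would also be clearer if it carried the reasoning from the commit message (a node hosting no public IPs should not change the registered tickles) rather than "can't have any connections...".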