From: David Woodhouse <[email protected]> There is no need to listen on AF_INET sockets; a modern application can listen on IPv6 (without IPV6_V6ONLY) and will accept connections from the 20th century via IPv4-mapped addresses (::ffff:x.x.x.x) on the IPv6 socket.
Signed-off-by: David Woodhouse <[email protected]> --- net/ipv4/af_inet.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c index dc358faa1647..3838782a8437 100644 --- a/net/ipv4/af_inet.c +++ b/net/ipv4/af_inet.c @@ -240,6 +240,9 @@ int inet_listen(struct socket *sock, int backlog) struct sock *sk = sock->sk; int err = -EINVAL; + pr_warn_once("process '%s' (pid %d) is listening on an AF_INET socket. Consider using AF_INET6 with IPV6_V6ONLY=0 instead.\n", + current->comm, task_pid_nr(current)); + lock_sock(sk); if (sock->state != SS_UNCONNECTED || sock->type != SOCK_STREAM) -- 2.51.0
