conf: Cleaner initialisation of default forwarding modes

Initialisation of the forwarding mode variables is complicated a bit by the
fact that we have different defaults for passt and pasta modes.  This leads
to some debatably duplicated code between those two cases.

More significantly, however, currently the final setting of the mode
variable is interleaved with the code to actually start automatic scanning
when that's selected.  This essentially mingles "policy" code (setting the
default mode), with implementation code (making that happen).  That's a bit
inflexible if we want to change policies in future.

Disentangle these two pieces, and use a slightly different construction to
make things briefer as well.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
David Gibson 2023-11-03 13:22:55 +11:00 committed by Stefano Brivio
parent 3fb3f0f7a5
commit 26d86f1304

58
conf.c

@ -1238,6 +1238,7 @@ void conf(struct ctx *c, int argc, char **argv)
struct get_bound_ports_ns_arg ns_ports_arg = { .c = c }; struct get_bound_ports_ns_arg ns_ports_arg = { .c = c };
char userns[PATH_MAX] = { 0 }, netns[PATH_MAX] = { 0 }; char userns[PATH_MAX] = { 0 }, netns[PATH_MAX] = { 0 };
bool copy_addrs_opt = false, copy_routes_opt = false; bool copy_addrs_opt = false, copy_routes_opt = false;
enum port_fwd_mode fwd_default = FWD_NONE;
bool v4_only = false, v6_only = false; bool v4_only = false, v6_only = false;
char *runas = NULL, *logfile = NULL; char *runas = NULL, *logfile = NULL;
struct in6_addr *dns6 = c->ip6.dns; struct in6_addr *dns6 = c->ip6.dns;
@ -1252,6 +1253,7 @@ void conf(struct ctx *c, int argc, char **argv)
if (c->mode == MODE_PASTA) { if (c->mode == MODE_PASTA) {
c->no_dhcp_dns = c->no_dhcp_dns_search = 1; c->no_dhcp_dns = c->no_dhcp_dns_search = 1;
fwd_default = FWD_AUTO;
optstring = "dqfel:hF:I:p:P:m:a:n:M:g:i:o:D:S:46t:u:T:U:"; optstring = "dqfel:hF:I:p:P:m:a:n:M:g:i:o:D:S:46t:u:T:U:";
} else { } else {
optstring = "dqfel:hs:F:p:P:m:a:n:M:g:i:o:D:S:461t:u:"; optstring = "dqfel:hs:F:p:P:m:a:n:M:g:i:o:D:S:461t:u:";
@ -1803,40 +1805,32 @@ void conf(struct ctx *c, int argc, char **argv)
if_indextoname(c->ifi6, c->pasta_ifn); if_indextoname(c->ifi6, c->pasta_ifn);
} }
if (c->mode == MODE_PASTA) { if (!c->tcp.fwd_in.mode)
c->proc_net_tcp[V4][0] = c->proc_net_tcp[V4][1] = -1; c->tcp.fwd_in.mode = fwd_default;
c->proc_net_tcp[V6][0] = c->proc_net_tcp[V6][1] = -1; if (!c->tcp.fwd_out.mode)
c->proc_net_udp[V4][0] = c->proc_net_udp[V4][1] = -1; c->tcp.fwd_out.mode = fwd_default;
c->proc_net_udp[V6][0] = c->proc_net_udp[V6][1] = -1; if (!c->udp.fwd_in.f.mode)
c->udp.fwd_in.f.mode = fwd_default;
if (!c->udp.fwd_out.f.mode)
c->udp.fwd_out.f.mode = fwd_default;
if (!c->tcp.fwd_in.mode || c->tcp.fwd_in.mode == FWD_AUTO) { c->proc_net_tcp[V4][0] = c->proc_net_tcp[V4][1] = -1;
c->tcp.fwd_in.mode = FWD_AUTO; c->proc_net_tcp[V6][0] = c->proc_net_tcp[V6][1] = -1;
ns_ports_arg.proto = IPPROTO_TCP; c->proc_net_udp[V4][0] = c->proc_net_udp[V4][1] = -1;
NS_CALL(get_bound_ports_ns, &ns_ports_arg); c->proc_net_udp[V6][0] = c->proc_net_udp[V6][1] = -1;
}
if (!c->udp.fwd_in.f.mode || c->udp.fwd_in.f.mode == FWD_AUTO) { if (c->tcp.fwd_in.mode == FWD_AUTO) {
c->udp.fwd_in.f.mode = FWD_AUTO; ns_ports_arg.proto = IPPROTO_TCP;
ns_ports_arg.proto = IPPROTO_UDP; NS_CALL(get_bound_ports_ns, &ns_ports_arg);
NS_CALL(get_bound_ports_ns, &ns_ports_arg);
}
if (!c->tcp.fwd_out.mode || c->tcp.fwd_out.mode == FWD_AUTO) {
c->tcp.fwd_out.mode = FWD_AUTO;
get_bound_ports(c, 0, IPPROTO_TCP);
}
if (!c->udp.fwd_out.f.mode || c->udp.fwd_out.f.mode == FWD_AUTO) {
c->udp.fwd_out.f.mode = FWD_AUTO;
get_bound_ports(c, 0, IPPROTO_UDP);
}
} else {
if (!c->tcp.fwd_in.mode)
c->tcp.fwd_in.mode = FWD_NONE;
if (!c->tcp.fwd_out.mode)
c->tcp.fwd_out.mode = FWD_NONE;
if (!c->udp.fwd_in.f.mode)
c->udp.fwd_in.f.mode = FWD_NONE;
if (!c->udp.fwd_out.f.mode)
c->udp.fwd_out.f.mode = FWD_NONE;
} }
if (c->udp.fwd_in.f.mode == FWD_AUTO) {
ns_ports_arg.proto = IPPROTO_UDP;
NS_CALL(get_bound_ports_ns, &ns_ports_arg);
}
if (c->tcp.fwd_out.mode == FWD_AUTO)
get_bound_ports(c, 0, IPPROTO_TCP);
if (c->udp.fwd_out.f.mode == FWD_AUTO)
get_bound_ports(c, 0, IPPROTO_UDP);
if (!c->quiet) if (!c->quiet)
conf_print(c); conf_print(c);
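Review bot: The four `FWD_AUTO` scan blocks at the end of the last hunk no longer sit under `if (c->mode == MODE_PASTA)`, so `NS_CALL(get_bound_ports_ns, &ns_ports_arg)` and `get_bound_ports()` now run whenever a forwarding mode is `FWD_AUTO`, whatever `c->mode` is. With `fwd_default` that can only come from an explicit option in passt mode, so correctness now depends on option parsing rejecting an automatic mode outside pasta, which is not visible in these hunks. If that invariant holds, state it above the blocks, e.g. `/* FWD_AUTO is only accepted in pasta mode (checked at option parsing), so no mode test is needed here */`; if it does not, keep the mode test on the two namespace scans, `if (c->mode == MODE_PASTA && c->tcp.fwd_in.mode == FWD_AUTO) {`. The `if (!c->tcp.fwd_in.mode)` defaulting also assumes the zero value of `enum port_fwd_mode` means "not set" rather than a real mode, which deserves a one-line comment next to `fwd_default`. The body of `conf()` starts and ends outside these hunks.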