mirrors/passt
1
0
Fork 0
mirror of https://passt.top/passt synced 2025-06-13 02:55:34 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

tcp, udp: Split IPv4 and IPv6 bound port sets

Browse source 
Allow to bind IPv4 and IPv6 ports to tap, namespace or init separately.

Port numbers of TCP ports that are bound in a namespace are also bound
for UDP for convenience (e.g. iperf3), and IPv4 ports are always bound
if the corresponding IPv6 port is bound (socket might not have the
IPV6_V6ONLY option set). This will also be configurable later.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
Stefano Brivio 2021-07-21 17:44:39 +02:00
parent b508079c4c
commit 49631a38a6
5 changed files with 131 additions and 79 deletions

46
passt.c
View file

@ -326,13 +326,21 @@ static int get_bound_ports_ns(void *arg)
ns_enter(c->pasta_pid);
if (c->v4) {
procfs_scan_listen("tcp", c->tcp.port_to_ns);
procfs_scan_listen("udp", c->udp.port_to_ns);
procfs_scan_listen("tcp", c->tcp.port4_to_tap);
procfs_scan_listen("tcp", c->udp.port4_to_tap);
procfs_scan_listen("udp", c->udp.port4_to_tap);
}
if (c->v6) {
procfs_scan_listen("tcp6", c->tcp.port_to_ns);
procfs_scan_listen("udp6", c->udp.port_to_ns);
if (c->v4) {
procfs_scan_listen("tcp6", c->tcp.port4_to_ns);
procfs_scan_listen("tcp6", c->udp.port4_to_ns);
procfs_scan_listen("udp6", c->udp.port4_to_ns);
}
procfs_scan_listen("tcp6", c->tcp.port6_to_ns);
procfs_scan_listen("tcp6", c->udp.port6_to_ns);
procfs_scan_listen("udp6", c->udp.port6_to_ns);
}
return 0;
@ -346,23 +354,23 @@ static void get_bound_ports(struct ctx *c)
{
char ns_fn_stack[NS_FN_STACK_SIZE];
if (c->mode == MODE_PASST) {
memset(c->tcp.port_to_tap, 0xff, PORT_EPHEMERAL_MIN / 8);
memset(c->udp.port_to_tap, 0xff, PORT_EPHEMERAL_MIN / 8);
return;
}
clone(get_bound_ports_ns, ns_fn_stack + sizeof(ns_fn_stack) / 2,
CLONE_VM | CLONE_VFORK | CLONE_FILES | SIGCHLD, (void *)c);
if (c->v4) {
procfs_scan_listen("tcp", c->tcp.port_to_init);
procfs_scan_listen("udp", c->udp.port_to_init);
procfs_scan_listen("tcp", c->tcp.port4_to_init);
procfs_scan_listen("udp", c->udp.port4_to_init);
}
if (c->v6) {
procfs_scan_listen("tcp6", c->tcp.port_to_init);
procfs_scan_listen("udp6", c->udp.port_to_init);
if (c->v4) {
procfs_scan_listen("tcp6", c->tcp.port4_to_init);
procfs_scan_listen("udp6", c->udp.port4_to_init);
}
procfs_scan_listen("tcp6", c->tcp.port6_to_init);
procfs_scan_listen("udp6", c->udp.port6_to_init);
}
}
@ -509,7 +517,15 @@ int main(int argc, char **argv)
get_routes(&c);
get_addrs(&c);
get_dns(&c);
get_bound_ports(&c);
if (c.mode == MODE_PASST) {
memset(&c.tcp.port4_to_tap, 0xff, PORT_EPHEMERAL_MIN / 8);
memset(&c.tcp.port6_to_tap, 0xff, PORT_EPHEMERAL_MIN / 8);
memset(&c.udp.port4_to_tap, 0xff, PORT_EPHEMERAL_MIN / 8);
memset(&c.udp.port6_to_tap, 0xff, PORT_EPHEMERAL_MIN / 8);
} else {
get_bound_ports(&c);
}
proto_update_l2_buf(c.mac_guest, c.mac, &c.addr4);