passt/fwd_rule.c, branch 2026_05_07.1afd4ed Plug A Simple Socket Transport pesto, conf, fwd_rule: Add options and modes to add, delete, clear rules 2026-05-07T06:06:30+00:00 Stefano Brivio sbrivio@redhat.com 2026-05-05T22:39:09+00:00 2692ef3fa67d89076e1ad035434db9312a0b3813 Instead of just being able to add to the existing tables, implement an explicit --clear option to replace them, which now becomes the default behaviour, and implement explicit --add and --delete options to maintain the table and add or delete specific ports. The option --clear PIF forces the clearing of a table, instead. These options can be combined arbitrarily and are handled as sequential commands, as now described in pesto(1). If no option is given before forwarding specifiers for a matching table, the command line is interpreted as a replacement of the existing rules. To this end: - there's no protocol change, as pesto is anyway sending updated copies of the table - the forwarding table functions now include a new fwd_rule_del(), which deletes existing rule only if a matching one is found - a trivial fwd_rule_clear() is factored out from the existing conf_handler() implementation, so that it can be directly used in pesto The entry points for parsing of port specifiers now take an additional 'del' parameter which is passed down all the way before reaching the fwd_rule_add() implementation. If a rule should be deleted, at that point, fwd_rule_del() is called instead. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Reviewed-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> 
Instead of just being able to add to the existing tables, implement
an explicit --clear option to replace them, which now becomes the
default behaviour, and implement explicit --add and --delete options
to maintain the table and add or delete specific ports.

The option --clear PIF forces the clearing of a table, instead.

These options can be combined arbitrarily and are handled as
sequential commands, as now described in pesto(1).

If no option is given before forwarding specifiers for a matching
table, the command line is interpreted as a replacement of the
existing rules.

To this end:

- there's no protocol change, as pesto is anyway sending updated
  copies of the table

- the forwarding table functions now include a new fwd_rule_del(),
  which deletes existing rule only if a matching one is found

- a trivial fwd_rule_clear() is factored out from the existing
  conf_handler() implementation, so that it can be directly used
  in pesto

The entry points for parsing of port specifiers now take an additional
'del' parameter which is passed down all the way before reaching the
fwd_rule_add() implementation. If a rule should be deleted, at that
point, fwd_rule_del() is called instead.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
fwd_rule: Fix static checkers warnings in fwd_rule_add() 2026-05-07T06:06:30+00:00 Stefano Brivio sbrivio@redhat.com 2026-05-03T21:56:01+00:00 e371d347ebb764665f3acd10c804ded44d04bb60 The new checks are actually sufficient but not enough for Coverity Scan. Now that fwd->sock_count and new->last are affected or supplied by clients, we need explicit (albeit redundant) checks on them. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Reviewed-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> 
The new checks are actually sufficient but not enough for Coverity
Scan. Now that fwd->sock_count and new->last are affected or supplied
by clients, we need explicit (albeit redundant) checks on them.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
pesto: Parse and add new rules from command line 2026-05-07T06:06:30+00:00 David Gibson david@gibson.dropbear.id.au 2026-05-03T21:55:58+00:00 cbd58d631db9875967aedc8157ee3b23b93eb299 This adds parsing of options using fwd_rule_parse(), validates them and adds them to the existing rules. It doesn't yet send those rules back to passt or pasta. Message-ID: <20260322141843.4095972-3-sbrivio@redhat.com> [dwg: Based on an early draft by Stefano] Signed-off-by: David Gibson <david@gibson.dropbear.id.au> [sbrivio: Recycled usage messages for -T and -U from conf.c as suggested by Laurent, dropped unrelated whitespace change] [sbrivio: Add description of -t, -u, -T, -U to pesto.1] [sbrivio: Fix conflicts in Makefile] [sbrivio: Add description of -s to pesto.1 as well] Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Reviewed-by: Laurent Vivier <lvivier@redhat.com> 
This adds parsing of options using fwd_rule_parse(), validates them and
adds them to the existing rules. It doesn't yet send those rules back to
passt or pasta.

Message-ID: <20260322141843.4095972-3-sbrivio@redhat.com>
[dwg: Based on an early draft by Stefano]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
[sbrivio: Recycled usage messages for -T and -U from conf.c as
 suggested by Laurent, dropped unrelated whitespace change]
[sbrivio: Add description of -t, -u, -T, -U to pesto.1]
[sbrivio: Fix conflicts in Makefile]
[sbrivio: Add description of -s to pesto.1 as well]
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
pesto: Read current ruleset from passt/pasta and optionally display it 2026-05-07T06:06:30+00:00 David Gibson david@gibson.dropbear.id.au 2026-05-03T21:55:57+00:00 fa0676869ff02e98facdf52e31dcba01f35983ad Implement serialisation of our current forwarding rules in conf.c, deserialising it to display in the pesto client. Doing this requires adding ip.c, inany.c, bitmap.c, lineread.c and fwd_rule.c to the pesto build. With previous preparations that now requires only a trivial change to lineread.c. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Laurent Vivier <lvivier@redhat.com> [sbrivio: Use ntohs() for rule->to instead of htons() in fwd_rule_read(), reported by Jon Maloy] [sbrivio: Add upper bound check on pc->fwd.count for count of rules received by pesto, reported missing by Laurent, plus nits also reported by Laurent] [sbrivio: Fix conflicts in Makefile] Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 
Implement serialisation of our current forwarding rules in conf.c,
deserialising it to display in the pesto client.  Doing this requires
adding ip.c, inany.c, bitmap.c, lineread.c and fwd_rule.c to the pesto
build.  With previous preparations that now requires only a trivial change
to lineread.c.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
[sbrivio: Use ntohs() for rule->to instead of htons() in
 fwd_rule_read(), reported by Jon Maloy]
[sbrivio: Add upper bound check on pc->fwd.count for count of rules
 received by pesto, reported missing by Laurent, plus nits also
 reported by Laurent]
[sbrivio: Fix conflicts in Makefile]
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
fwd_rule: Fix some format specifiers 2026-05-07T06:06:30+00:00 David Gibson david@gibson.dropbear.id.au 2026-05-03T21:55:50+00:00 6cf93ed19d3e50094928b1a8eb2c9e5fed1df4a3 The new warnings in fwd_rule_add() have some not quite technically correct format specifiers. For some weird reason these don't trip warnings on passt itself, but do when we re-use this code in the upcoming configuration client. Fix them. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Laurent Vivier <lvivier@redhat.com> Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 
The new warnings in fwd_rule_add() have some not quite technically correct
format specifiers.  For some weird reason these don't trip warnings on
passt itself, but do when we re-use this code in the upcoming configuration
client.  Fix them.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
fwd: Generalise fwd_rules_info() 2026-05-07T06:06:30+00:00 David Gibson david@gibson.dropbear.id.au 2026-05-03T21:55:48+00:00 393c87e18498f77023ffc3b902810207c7b6c835 fwd_rules_info() is used to print a full table of forwarding rules for debugging or the like. Currently it has one caller, and uses info() to dump the messages. However for the upcoming configuration client, we're going to want to dump the rules in some similar, but not quite identical ways. For example, at different severity levels, or to stdout instead of stderr / system log / logfile. So, generalise fwd_rules_info() to fwd_rules_dump() which takes a printing function as a parameter. Because we want this to work with "functions" like info, which is actually a macro, we have to convert fwd_rules_dump() to a macro as well. We also allow the prefix and suffix for each rule / line to be provided as a parameter. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Laurent Vivier <lvivier@redhat.com> Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 
fwd_rules_info() is used to print a full table of forwarding rules for
debugging or the like.  Currently it has one caller, and uses info() to
dump the messages.  However for the upcoming configuration client, we're
going to want to dump the rules in some similar, but not quite identical
ways.  For example, at different severity levels, or to stdout instead of
stderr / system log / logfile.

So, generalise fwd_rules_info() to fwd_rules_dump() which takes a printing
function as a parameter.  Because we want this to work with "functions"
like info, which is actually a macro, we have to convert fwd_rules_dump()
to a macro as well.  We also allow the prefix and suffix for each rule /
line to be provided as a parameter.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
fwd_rule: Move conflict checking back within fwd_rule_add() 2026-05-07T06:06:30+00:00 David Gibson david@gibson.dropbear.id.au 2026-05-03T21:55:47+00:00 279b679c273727db7d4d719a49f8b6e8610b7836 2bffb631d31e ("fwd_rule: Move rule conflict checking from fwd_rule_add() to caller") moved rule conflict checking out of fwd_rule_add(). This seemed like a good idea at the time, but turns out to be kind of awkward: it means we're now checking for conflicts *before* we've checked the rule for internal consistency (including first <= last), which leaves an awkward assert() which might fire in unexpected places. While it's true that it's not really necessary to include this in order to safely add a rule, the benefits from skipping it are pretty marginal. So, for simplicity, fold this check back into fwd_rule_add(), making it non-fatal. If we ever have cases with enough rules that the O(n^2) nature of the check matters, we might need to revisit. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Laurent Vivier <lvivier@redhat.com> Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 
2bffb631d31e ("fwd_rule: Move rule conflict checking from fwd_rule_add()
to caller") moved rule conflict checking out of fwd_rule_add().  This
seemed like a good idea at the time, but turns out to be kind of awkward:
it means we're now checking for conflicts *before* we've checked the rule
for internal consistency (including first <= last), which leaves an awkward
assert() which might fire in unexpected places.

While it's true that it's not really necessary to include this in order to
safely add a rule, the benefits from skipping it are pretty marginal.  So,
for simplicity, fold this check back into fwd_rule_add(), making it
non-fatal.  If we ever have cases with enough rules that the O(n^2) nature
of the check matters, we might need to revisit.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
fwd, conf: Move rule parsing code to fwd_rule.[ch] 2026-05-07T06:06:30+00:00 David Gibson david@gibson.dropbear.id.au 2026-05-03T21:55:46+00:00 c0e0c2f08207027fb8bde8ee0cab09390aa16a52 The code parsing command line options into forwarding rules has now been decoupled from most of passt/pasta's internals. This is good, because we'll soon want to share it with a configuration update client. Make the next step by moving this code into fwd_rule.[ch]. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Laurent Vivier <lvivier@redhat.com> Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 
The code parsing command line options into forwarding rules has now been
decoupled from most of passt/pasta's internals.  This is good, because
we'll soon want to share it with a configuration update client.

Make the next step by moving this code into fwd_rule.[ch].

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
fwd_rule: Move ephemeral port probing to fwd_rule.c 2026-05-07T06:06:30+00:00 David Gibson david@gibson.dropbear.id.au 2026-05-03T21:55:45+00:00 21d565d639cc1752a9981e7d2bfc3965069e45a7 We want to move parsing of forward rule options to fwd_rule.c so it can eventually be shared with a configuration client. As a preliminary step, move the ephemeral port probing there, which that will need to use. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Laurent Vivier <lvivier@redhat.com> Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 
We want to move parsing of forward rule options to fwd_rule.c so it can
eventually be shared with a configuration client.  As a preliminary step,
move the ephemeral port probing there, which that will need to use.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
fwd: Improve error handling in fwd_rule_add() 2026-04-15T21:31:51+00:00 David Gibson david@gibson.dropbear.id.au 2026-04-10T01:02:57+00:00 b68cac078c16486a2a1c863d00187a204037a7b7 fwd_rule_add() sanity checks the given rule, however all errors are fatal: either they're assert()s in the case of things that callers should have already verified, or die()s if we run out of space for the new rule. This won't suffice any more when we allow rule updates from a configuration client. We don't want to trust the input we get from the client any more than we have to. Replace the assert()s and die()s with a return value. Also include warn()s so that the user gets a more specific idea of the problem in the logs or stderr. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 
fwd_rule_add() sanity checks the given rule, however all errors are fatal:
either they're assert()s in the case of things that callers should have
already verified, or die()s if we run out of space for the new rule.

This won't suffice any more when we allow rule updates from a
configuration client.  We don't want to trust the input we get from
the client any more than we have to.

Replace the assert()s and die()s with a return value.  Also include warn()s
so that the user gets a more specific idea of the problem in the logs or
stderr.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>