diff options
author | David Gibson <david@gibson.dropbear.id.au> | 2024-02-28 22:25:06 +1100 |
---|---|---|
committer | Stefano Brivio <sbrivio@redhat.com> | 2024-02-29 09:47:40 +0100 |
commit | bb9bf0bb8f576186b62af5c8506741a7bc545f3e (patch) | |
tree | 04923414d47b46304b2d2cbad15b20639bfdd463 | |
parent | e196eada6f51a8e36156a71dbccd746cf89a47fa (diff) | |
download | passt-bb9bf0bb8f576186b62af5c8506741a7bc545f3e.tar passt-bb9bf0bb8f576186b62af5c8506741a7bc545f3e.tar.gz passt-bb9bf0bb8f576186b62af5c8506741a7bc545f3e.tar.bz2 passt-bb9bf0bb8f576186b62af5c8506741a7bc545f3e.tar.lz passt-bb9bf0bb8f576186b62af5c8506741a7bc545f3e.tar.xz passt-bb9bf0bb8f576186b62af5c8506741a7bc545f3e.tar.zst passt-bb9bf0bb8f576186b62af5c8506741a7bc545f3e.zip |
tcp, udp: Don't precompute port remappings in epoll references
The epoll references for both TCP listening sockets and UDP sockets
includes a port number. This gives the destination port that traffic
to that socket will be sent to on the other side. That will usually
be the same as the socket's bound port, but might not if the -t, -u,
-T or -U options are given with different original and forwarded port
numbers.
As we move towards a more flexible forwarding model for passt, it's
going to become possible for that destination port to vary depending
on more things (for example the source or destination address). So,
it will no longer make sense to have a fixed value for a listening
socket.
Change to simpler semantics where this field in the reference gives
the bound port of the socket. We apply the translations to the
correct destination port later on, when we're actually forwarding.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
-rw-r--r-- | tcp.c | 8 | ||||
-rw-r--r-- | tcp.h | 2 | ||||
-rw-r--r-- | tcp_splice.c | 2 | ||||
-rw-r--r-- | udp.c | 14 |
4 files changed, 15 insertions, 11 deletions
@@ -2699,7 +2699,7 @@ static void tcp_tap_conn_from_sock(struct ctx *c, conn_event(c, conn, SOCK_ACCEPTED); inany_from_sockaddr(&conn->faddr, &conn->fport, sa); - conn->eport = ref.port; + conn->eport = ref.port + c->tcp.fwd_in.delta[ref.port]; tcp_snat_inbound(c, &conn->faddr); @@ -2883,7 +2883,7 @@ static int tcp_sock_init_af(const struct ctx *c, sa_family_t af, in_port_t port, const void *addr, const char *ifname) { union tcp_listen_epoll_ref tref = { - .port = port + c->tcp.fwd_in.delta[port], + .port = port, .pif = PIF_HOST, }; int s; @@ -2945,7 +2945,7 @@ int tcp_sock_init(const struct ctx *c, sa_family_t af, const void *addr, static void tcp_ns_sock_init4(const struct ctx *c, in_port_t port) { union tcp_listen_epoll_ref tref = { - .port = port + c->tcp.fwd_out.delta[port], + .port = port, .pif = PIF_SPLICE, }; int s; @@ -2971,7 +2971,7 @@ static void tcp_ns_sock_init4(const struct ctx *c, in_port_t port) static void tcp_ns_sock_init6(const struct ctx *c, in_port_t port) { union tcp_listen_epoll_ref tref = { - .port = port + c->tcp.fwd_out.delta[port], + .port = port, .pif = PIF_SPLICE, }; int s; @@ -37,7 +37,7 @@ union tcp_epoll_ref { /** * union tcp_listen_epoll_ref - epoll reference portion for TCP listening - * @port: Port number we're forwarding *to* (listening port plus delta) + * @port: Bound port number of the socket * @pif: pif in which the socket is listening * @u32: Opaque u32 value of reference */ diff --git a/tcp_splice.c b/tcp_splice.c index beb2fcb..4828b09 100644 --- a/tcp_splice.c +++ b/tcp_splice.c @@ -420,10 +420,12 @@ static int tcp_splice_new(const struct ctx *c, struct tcp_splice_conn *conn, int s = -1; if (pif == PIF_SPLICE) { + port += c->tcp.fwd_out.delta[port]; s = tcp_conn_sock(c, af); } else { ASSERT(pif == PIF_HOST); + port += c->tcp.fwd_in.delta[port]; s = tcp_conn_sock_ns(c, af); } @@ -767,6 +767,11 @@ void udp_sock_handler(const struct ctx *c, union epoll_ref ref, uint32_t events, if (c->no_udp || !(events & EPOLLIN)) return; + if (ref.udp.pif == PIF_SPLICE) + dstport += c->udp.fwd_out.f.delta[dstport]; + else if (ref.udp.pif == PIF_HOST) + dstport += c->udp.fwd_in.f.delta[dstport]; + if (v6) { mmh_recv = udp6_l2_mh_sock; udp6_localname.sin6_port = htons(dstport); @@ -999,16 +1004,13 @@ int udp_sock_init(const struct ctx *c, int ns, sa_family_t af, const void *addr, const char *ifname, in_port_t port) { union udp_epoll_ref uref = { .splice = (c->mode == MODE_PASTA), - .orig = true }; + .orig = true, .port = port }; int s, r4 = FD_REF_MAX + 1, r6 = FD_REF_MAX + 1; - if (ns) { + if (ns) uref.pif = PIF_SPLICE; - uref.port = (in_port_t)(port + c->udp.fwd_out.f.delta[port]); - } else { + else uref.pif = PIF_HOST; - uref.port = (in_port_t)(port + c->udp.fwd_in.f.delta[port]); - } if ((af == AF_INET || af == AF_UNSPEC) && c->ifi4) { uref.v6 = 0; |