diff options
| author | David Gibson <david@gibson.dropbear.id.au> | 2024-07-24 17:51:11 +1000 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2024-07-25 12:37:57 +0200 |
| commit | 0ada84e3f8c5e76d47725f45082f012a56efe433 (patch) | |
| tree | 40515dc753f4d35b1b49b73feba52f3a0bb05a59 | |
| parent | 4a333c88d7fcec8764c2b485f983a86fec534821 (diff) | |
| download | passt-0ada84e3f8c5e76d47725f45082f012a56efe433.tar passt-0ada84e3f8c5e76d47725f45082f012a56efe433.tar.gz passt-0ada84e3f8c5e76d47725f45082f012a56efe433.tar.bz2 passt-0ada84e3f8c5e76d47725f45082f012a56efe433.tar.lz passt-0ada84e3f8c5e76d47725f45082f012a56efe433.tar.xz passt-0ada84e3f8c5e76d47725f45082f012a56efe433.tar.zst passt-0ada84e3f8c5e76d47725f45082f012a56efe433.zip | |
fwd: Refactor tests in fwd_nat_from_tap() for clarity
Currently, we start by handling the common case, where we don't translate
the destination address, then we modify the tgt side for the special cases.
In the process we do comparisons on the tentatively set fields in tgt,
which obscures the fact that tgt should be an essentially pure function of
ini, and risks people examining fields of tgt that are not yet initialized.
To make this clearer, do all our tests on 'ini', constructing tgt from
scratch on that basis.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
| -rw-r--r-- | fwd.c | 25 |
1 files changed, 12 insertions, 13 deletions
@@ -169,21 +169,20 @@ void fwd_scan_ports_init(struct ctx *c) uint8_t fwd_nat_from_tap(const struct ctx *c, uint8_t proto, const struct flowside *ini, struct flowside *tgt) { - tgt->eaddr = ini->faddr; - tgt->eport = ini->fport; - - if (proto == IPPROTO_UDP && tgt->eport == 53 && - inany_equals4(&tgt->eaddr, &c->ip4.dns_match)) { + if (proto == IPPROTO_UDP && ini->fport == 53 && + inany_equals4(&ini->faddr, &c->ip4.dns_match)) tgt->eaddr = inany_from_v4(c->ip4.dns_host); - } else if (proto == IPPROTO_UDP && tgt->eport == 53 && - inany_equals6(&tgt->eaddr, &c->ip6.dns_match)) { + else if (proto == IPPROTO_UDP && ini->fport == 53 && + inany_equals6(&ini->faddr, &c->ip6.dns_match)) tgt->eaddr.a6 = c->ip6.dns_host; - } else if (!c->no_map_gw) { - if (inany_equals4(&tgt->eaddr, &c->ip4.gw)) - tgt->eaddr = inany_loopback4; - else if (inany_equals6(&tgt->eaddr, &c->ip6.gw)) - tgt->eaddr = inany_loopback6; - } + else if (!c->no_map_gw && inany_equals4(&ini->faddr, &c->ip4.gw)) + tgt->eaddr = inany_loopback4; + else if (!c->no_map_gw && inany_equals6(&ini->faddr, &c->ip6.gw)) + tgt->eaddr = inany_loopback6; + else + tgt->eaddr = ini->faddr; + + tgt->eport = ini->fport; /* The relevant addr_out controls the host side source address. This * may be unspecified, which allows the kernel to pick an address. |