diff options
| author | David Gibson <david@gibson.dropbear.id.au> | 2026-04-10 11:02:51 +1000 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2026-04-15 23:31:40 +0200 |
| commit | dbe0ba1d26f2b82b94d243b3338cd54a228115fc (patch) | |
| tree | 6e4eb6a2be6e6342d050868fcd8e65874e9033da | |
| parent | a47b6ac2acc7001f25d01b69016d491bee7ccd5d (diff) | |
| download | passt-dbe0ba1d26f2b82b94d243b3338cd54a228115fc.tar passt-dbe0ba1d26f2b82b94d243b3338cd54a228115fc.tar.gz passt-dbe0ba1d26f2b82b94d243b3338cd54a228115fc.tar.bz2 passt-dbe0ba1d26f2b82b94d243b3338cd54a228115fc.tar.lz passt-dbe0ba1d26f2b82b94d243b3338cd54a228115fc.tar.xz passt-dbe0ba1d26f2b82b94d243b3338cd54a228115fc.tar.zst passt-dbe0ba1d26f2b82b94d243b3338cd54a228115fc.zip | |
conf: Permit -[tTuU] all in pasta mode
Currently we explicitly forbid -[tTuU] all in pasta mode. While these are
primarily useful for passt, there's no particular reason they can't be
used in pasta mode as well. Indeed you can do the same thing in pasta
by using "-t ~32768-60999" (assuming default Linux configuration of
ephemeral ports). For consistency, permit "all" for pasta as well.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
| -rw-r--r-- | conf.c | 7 | ||||
| -rw-r--r-- | passt.1 | 2 |
2 files changed, 3 insertions, 6 deletions
@@ -358,9 +358,6 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg, if (*mode) goto mode_conflict; - if (c->mode == MODE_PASTA) - die("'all' port forwarding is only allowed for passt"); - *mode = FWD_MODE_ALL; /* Exclude ephemeral ports */ @@ -1036,6 +1033,7 @@ static void usage(const char *name, FILE *f, int status) " can be specified multiple times\n" " SPEC can be:\n" " 'none': don't forward any ports\n" + " 'all': forward all unbound, non-ephemeral ports\n" "%s" " a comma-separated list, optionally ranged with '-'\n" " and optional target ports after ':', with optional\n" @@ -1059,8 +1057,7 @@ static void usage(const char *name, FILE *f, int status) guest, strstr(name, "pasta") ? " 'auto': forward all ports currently bound in namespace\n" - : - " 'all': forward all unbound, non-ephemeral ports\n", + : "", guest, guest, guest, fwd_default, guest, fwd_default); if (strstr(name, "pasta")) @@ -435,7 +435,7 @@ Configure TCP port forwarding to guest or namespace. \fIspec\fR can be one of: Don't forward any ports .TP -.BR all " " (\fBpasst\fR " " only) +.BR all Forward all unbound, non-ephemeral ports, as permitted by current capabilities. For low (< 1024) ports, see \fBNOTES\fR. No failures are reported for unavailable ports, unless no ports could be forwarded at all. |