diff options
author | David Gibson <david@gibson.dropbear.id.au> | 2022-11-30 15:13:01 +1100 |
---|---|---|
committer | Stefano Brivio <sbrivio@redhat.com> | 2022-12-06 07:40:56 +0100 |
commit | 4ebb4905e9823d6c8fe7cec9ecce2bda7f2905ef (patch) | |
tree | 9a88efa3cb0dc9bcfc1263dcc6bb0fa647061214 /test | |
parent | 190169c544744d38a280fff0499f764642dad2e3 (diff) | |
download | passt-4ebb4905e9823d6c8fe7cec9ecce2bda7f2905ef.tar passt-4ebb4905e9823d6c8fe7cec9ecce2bda7f2905ef.tar.gz passt-4ebb4905e9823d6c8fe7cec9ecce2bda7f2905ef.tar.bz2 passt-4ebb4905e9823d6c8fe7cec9ecce2bda7f2905ef.tar.lz passt-4ebb4905e9823d6c8fe7cec9ecce2bda7f2905ef.tar.xz passt-4ebb4905e9823d6c8fe7cec9ecce2bda7f2905ef.tar.zst passt-4ebb4905e9823d6c8fe7cec9ecce2bda7f2905ef.zip |
udp: Also bind() connected ports for "splice" forwarding
pasta handles "spliced" port forwarding by resending datagrams received on
a bound socket in the init namespace to a connected socket in the guest
namespace. This means there are actually three ports associated with each
"connection". First there's the source and destination ports of the
originating datagram. That's also the destination port of the forwarded
datagram, but the source port of the forwarded datagram is the kernel
allocated bound address of the connected socket.
However, by bind()ing as well as connect()ing the forwarding socket we can
choose the source port of the forwarded datagrams. By choosing it to match
the original source port we remove that surprising third port number and
no longer need to store port numbers in struct udp_splice_port.
As a bonus this means that the recipient of the packets will see the
original source port if they call getpeername(). This rarely matters, but
it can't hurt.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'test')
0 files changed, 0 insertions, 0 deletions