author | Stefano Brivio <sbrivio@redhat.com> | 2022-11-10 20:30:03 +0100 |
---|---|---|
committer | Stefano Brivio <sbrivio@redhat.com> | 2022-11-16 15:09:31 +0100 |
commit | 3a2afde87dd15e9e9716cadaedce37de47a05d91 (patch) | |
tree | 340619abfaea041e3c0c91975615f2a996d92f22 /udp.c | |
parent | 4129764ecaebf05a33e22d8d95bb3d8deaa14c14 (diff) | |
conf, udp: Drop mostly duplicated dns_send arrays, rename related fields
Given that we use just the first valid DNS resolver address
configured, or read from resolv.conf(5) on the host, to forward DNS
queries to, in case --dns-forward is used, we don't need to duplicate
dns[] to dns_send[]:
- rename dns_send[] back to dns[]: those are the resolvers we
advertise to the guest/container
- for forwarding purposes, instead of dns[], use a single field (for
each protocol version): dns_host
- and rename dns_fwd to dns_match, so that it's clear this is the
address we are matching DNS queries against, to decide if they need
to be forwarded
Suggested-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Diffstat (limited to 'udp.c')
-rw-r--r-- | udp.c | 21 |
1 files changed, 12 insertions, 9 deletions
@@ -678,10 +678,10 @@ static void udp_sock_fill_data_v4(const struct ctx *c, int n,
 src_port = ntohs(b->s_in.sin_port);
- if (!IN4_IS_ADDR_UNSPECIFIED(&c->ip4.dns_fwd) &&
- IN4_ARE_ADDR_EQUAL(&b->s_in.sin_addr, &c->ip4.dns[0]) &&
+ if (!IN4_IS_ADDR_UNSPECIFIED(&c->ip4.dns_match) &&
+ IN4_ARE_ADDR_EQUAL(&b->s_in.sin_addr, &c->ip4.dns_host) &&
 src_port == 53) {
- b->iph.saddr = c->ip4.dns_fwd.s_addr;
+ b->iph.saddr = c->ip4.dns_match.s_addr;
 } else if (IN4_IS_ADDR_LOOPBACK(&b->s_in.sin_addr) ||
 IN4_IS_ADDR_UNSPECIFIED(&b->s_in.sin_addr)||
 IN4_ARE_ADDR_EQUAL(&b->s_in.sin_addr, &c->ip4.addr_seen)) {
@@ -770,10 +770,11 @@ static void udp_sock_fill_data_v6(const struct ctx *c, int n,
 if (IN6_IS_ADDR_LINKLOCAL(src)) {
 b->ip6h.daddr = c->ip6.addr_ll_seen;
 b->ip6h.saddr = b->s_in6.sin6_addr;
- } else if (!IN6_IS_ADDR_UNSPECIFIED(&c->ip6.dns_fwd) &&
- IN6_ARE_ADDR_EQUAL(src, &c->ip6.dns[0]) && src_port == 53) {
+ } else if (!IN6_IS_ADDR_UNSPECIFIED(&c->ip6.dns_match) &&
+ IN6_ARE_ADDR_EQUAL(src, &c->ip6.dns_host) &&
+ src_port == 53) {
 b->ip6h.daddr = c->ip6.addr_seen;
- b->ip6h.saddr = c->ip6.dns_fwd;
+ b->ip6h.saddr = c->ip6.dns_match;
 } else if (IN6_IS_ADDR_LOOPBACK(src) ||
 IN6_ARE_ADDR_EQUAL(src, &c->ip6.addr_seen) ||
 IN6_ARE_ADDR_EQUAL(src, &c->ip6.addr)) {
@@ -1016,13 +1017,15 @@ int udp_tap_handler(struct ctx *c, int af, const void *addr,
 udp_tap_map[V4][src].ts = now->tv_sec;
- if (IN4_ARE_ADDR_EQUAL(&s_in.sin_addr, &c->ip4.gw) && !c->no_map_gw) {
+ if (IN4_ARE_ADDR_EQUAL(&s_in.sin_addr, &c->ip4.gw) &&
+ !c->no_map_gw) {
 if (!(udp_tap_map[V4][dst].flags & PORT_LOCAL) ||
 (udp_tap_map[V4][dst].flags & PORT_LOOPBACK))
 s_in.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
 else
 s_in.sin_addr = c->ip4.addr_seen;
- } else if (IN4_ARE_ADDR_EQUAL(&s_in.sin_addr, &c->ip4.dns_fwd) &&
+ } else if (IN4_ARE_ADDR_EQUAL(&s_in.sin_addr,
+ &c->ip4.dns_match) &&
 ntohs(s_in.sin_port) == 53) {
 s_in.sin_addr = c->ip4.dns[0];
 }
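Review bot: In the hunk starting at `@@ -1016` (udp_tap_handler, IPv4 path), a query matched against `c->ip4.dns_match` is still redirected by the unchanged context line `s_in.sin_addr = c->ip4.dns[0];`, while the reply path in udp_sock_fill_data_v4() now compares the source address against `c->ip4.dns_host`. Going by the commit message, dns[] is now the list advertised to the guest and dns_host is the forwarding target, so whenever the two differ the query appears to go to the advertised address rather than the host resolver, and the reply would not get its source rewritten to dns_match. I would change that line to `s_in.sin_addr = c->ip4.dns_host;`; the IPv6 hunk at `@@ -1045` has the same leftover, `s_in6.sin6_addr = c->ip6.dns[0];`, which should become `c->ip6.dns_host`. Both functions continue outside the hunks and conf.c is not shown here, so the field semantics are inferred from the commit message and should be confirmed against how conf.c fills dns[] and dns_host.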
@@ -1045,7 +1048,7 @@ int udp_tap_handler(struct ctx *c, int af, const void *addr,
 s_in6.sin6_addr = c->ip6.addr;
 else
 s_in6.sin6_addr = c->ip6.addr_seen;
- } else if (IN6_ARE_ADDR_EQUAL(addr, &c->ip6.dns_fwd) &&
+ } else if (IN6_ARE_ADDR_EQUAL(addr, &c->ip6.dns_match) &&
 ntohs(s_in6.sin6_port) == 53) {
 s_in6.sin6_addr = c->ip6.dns[0];
 } else if (IN6_IS_ADDR_LINKLOCAL(&s_in6.sin6_addr)) { |