diff options
-rw-r--r-- | conf.c | 18 | ||||
-rw-r--r-- | passt.1 | 14 | ||||
-rw-r--r-- | passt.h | 2 | ||||
-rw-r--r-- | pasta.c | 5 |
4 files changed, 35 insertions, 4 deletions
@@ -902,6 +902,8 @@ pasta_opts: info( " --config-net Configure tap interface in namespace"); info( " --no-copy-routes DEPRECATED:"); info( " Don't copy all routes to namespace"); + info( " --no-copy-addrs DEPRECATED:"); + info( " Don't copy all addresses to namespace"); info( " --ns-mac-addr ADDR Set MAC address on tap interface"); exit(EXIT_FAILURE); @@ -1178,6 +1180,7 @@ void conf(struct ctx *c, int argc, char **argv) {"outbound-if6", required_argument, NULL, 16 }, {"config-net", no_argument, NULL, 17 }, {"no-copy-routes", no_argument, NULL, 18 }, + {"no-copy-addrs", no_argument, NULL, 19 }, { 0 }, }; struct get_bound_ports_ns_arg ns_ports_arg = { .c = c }; @@ -1349,6 +1352,13 @@ void conf(struct ctx *c, int argc, char **argv) warn("--no-copy-routes will be dropped soon"); c->no_copy_routes = 1; break; + case 19: + if (c->mode != MODE_PASTA) + die("--no-copy-addrs is for pasta mode only"); + + warn("--no-copy-addrs will be dropped soon"); + c->no_copy_addrs = 1; + break; case 'd': if (c->debug) die("Multiple --debug options given"); @@ -1634,8 +1644,12 @@ void conf(struct ctx *c, int argc, char **argv) if (*c->sock_path && c->fd_tap >= 0) die("Options --socket and --fd are mutually exclusive"); - if (c->mode == MODE_PASTA && c->no_copy_routes && !c->pasta_conf_ns) - die("Option --no-copy-routes needs --config-net"); + if (c->mode == MODE_PASTA && !c->pasta_conf_ns) { + if (c->no_copy_routes) + die("Option --no-copy-routes needs --config-net"); + if (c->no_copy_addrs) + die("Option --no-copy-addrs needs --config-net"); + } if (!ifi4 && *c->ip4.ifname_out) ifi4 = if_nametoindex(c->ip4.ifname_out); @@ -564,6 +564,20 @@ legacy behaviour. If you have any use for this, refer to \fBREPORTING BUGS\fR below. .TP +.BR \-\-no-copy-addrs " " (DEPRECATED) +With \-\-config-net, do not copy all the addresses associated to the interface +we derive addresses and routes from: set up a single one. Implied by \-a, +\-\-address. + +Default is to copy all the addresses, except for link-local ones, from the +interface from the outer namespace to the target namespace. + +Note that this configuration option is \fBdeprecated\fR and will be removed in a +future version. It is not expected to be of any use, and it simply reflects a +legacy behaviour. If you have any use for this, refer to \fBREPORTING BUGS\fR +below. + +.TP .BR \-\-ns-mac-addr " " \fIaddr Configure MAC address \fIaddr\fR on the tap interface in the namespace. @@ -183,6 +183,7 @@ struct ip6_ctx { * @pasta_ifn: Index of namespace interface for pasta * @pasta_conf_ns: Configure namespace after creating it * @no_copy_routes: Don't copy all routes when configuring target namespace + * @no_copy_addrs: Don't copy all addresses when configuring namespace * @no_tcp: Disable TCP operation * @tcp: Context for TCP protocol handler * @no_tcp: Disable UDP operation @@ -242,6 +243,7 @@ struct ctx { unsigned int pasta_ifi; int pasta_conf_ns; int no_copy_routes; + int no_copy_addrs; int no_tcp; struct tcp_ctx tcp; @@ -274,11 +274,12 @@ void pasta_ns_conf(struct ctx *c) if (c->pasta_conf_ns) { enum nl_op op_routes = c->no_copy_routes ? NL_SET : NL_DUP; + enum nl_op op_addrs = c->no_copy_addrs ? NL_SET : NL_DUP; nl_link(1, c->pasta_ifi, c->mac_guest, 1, c->mtu); if (c->ifi4) { - nl_addr(NL_SET, c->ifi4, c->pasta_ifi, AF_INET, + nl_addr(op_addrs, c->ifi4, c->pasta_ifi, AF_INET, &c->ip4.addr, &c->ip4.prefix_len, NULL); nl_route(op_routes, c->ifi4, c->pasta_ifi, AF_INET, &c->ip4.gw); @@ -286,7 +287,7 @@ void pasta_ns_conf(struct ctx *c) if (c->ifi6) { int prefix_len = 64; - nl_addr(NL_SET, c->ifi6, c->pasta_ifi, AF_INET6, + nl_addr(op_addrs, c->ifi6, c->pasta_ifi, AF_INET6, &c->ip6.addr, &prefix_len, NULL); nl_route(op_routes, c->ifi6, c->pasta_ifi, AF_INET6, &c->ip6.gw); |