From dbe0ba1d26f2b82b94d243b3338cd54a228115fc Mon Sep 17 00:00:00 2001
From: David Gibson <david@gibson.dropbear.id.au>
Date: Fri, 10 Apr 2026 11:02:51 +1000
Subject: conf: Permit -[tTuU] all in pasta mode

Currently we explicitly forbid -[tTuU] all in pasta mode.  While these are
primarily useful for passt, there's no particular reason they can't be
used in pasta mode as well.  Indeed you can do the same thing in pasta
by using "-t ~32768-60999" (assuming default Linux configuration of
ephemeral ports).  For consistency, permit "all" for pasta as well.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
---
 conf.c  | 7 ++-----
 passt.1 | 2 +-
 2 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/conf.c b/conf.c
index 9f237a1..03e0fe5 100644
--- a/conf.c
+++ b/conf.c
@@ -358,9 +358,6 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg,
 		if (*mode)
 			goto mode_conflict;
 
-		if (c->mode == MODE_PASTA)
-			die("'all' port forwarding is only allowed for passt");
-
 		*mode = FWD_MODE_ALL;
 
 		/* Exclude ephemeral ports */
@@ -1036,6 +1033,7 @@ static void usage(const char *name, FILE *f, int status)
 		"    can be specified multiple times\n"
 		"    SPEC can be:\n"
 		"      'none': don't forward any ports\n"
+		"      'all': forward all unbound, non-ephemeral ports\n"
 		"%s"
 		"      a comma-separated list, optionally ranged with '-'\n"
 		"        and optional target ports after ':', with optional\n"
@@ -1059,8 +1057,7 @@ static void usage(const char *name, FILE *f, int status)
 		guest,
 		strstr(name, "pasta") ?
 		"      'auto': forward all ports currently bound in namespace\n"
-		:
-		"      'all': forward all unbound, non-ephemeral ports\n",
+		: "",
 		guest, guest, guest, fwd_default, guest, fwd_default);
 
 	if (strstr(name, "pasta"))
diff --git a/passt.1 b/passt.1
index 976f3f0..7da4fe5 100644
--- a/passt.1
+++ b/passt.1
@@ -435,7 +435,7 @@ Configure TCP port forwarding to guest or namespace. \fIspec\fR can be one of:
 Don't forward any ports
 
 .TP
-.BR all " " (\fBpasst\fR " " only)
+.BR all
 Forward all unbound, non-ephemeral ports, as permitted by current capabilities.
 For low (< 1024) ports, see \fBNOTES\fR. No failures are reported for
 unavailable ports, unless no ports could be forwarded at all.
-- 
cgit v1.2.3