Thanks for the patch!
On Mon, 20 Mar 2023 19:10:34 +0100
Paul Holzinger <pholzing(a)redhat.com> wrote:
The logic in tcp_timer() was inverted. fwd_out
should expose the host
ports in the ns. Therfore it must read the ports on the host and then
bind them in the netns. The same for fwd_in which checks ports in the
ns and then exposes them on the host.
Note that this only fixes tcp ports, udp does not seems to work at all
right now with the auto mode.
Note that for UDP there's no periodic scan,
"auto" just checks bound
ports when pasta starts:
-u, --udp-ports spec
Configure UDP port forwarding to namespace. spec is as described
for TCP above, and the list of ports is derived from listening
sockets reported by /proc/net/udp and /proc/net/udp6, see
proc(5), when pasta starts (not periodically).
Signed-off-by:
Paul Holzinger <pholzing(a)redhat.com>
Fixes: 1128fa03fe73 ("Improve types
and names for port forwarding configuration")
(I'll add that tag).
The patch itself looks good to me. I'm now looking at other parts
(tcp_sock_init()) where we seem to have the same kind of swap.
Unfortunately this is only covered by the Podman demo as a test, which
has been disabled for a while now:
https://bugs.passt.top/show_bug.cgi?id=29
and as David is meanwhile working to improve the test framework, we can
probably wait a bit to introduce a new test. Meanwhile I'll check this
part manually on related changes.