When using -t all, -u all or exclude-only ranges, we'll attempt to forward
all non-ephemeral port numbers, including port 0. However, this won't work
as intended: bind() treats a zero port not as literal port 0, but as
"pick a port for me". Because of the special meaning of port 0, we mostly
outright exclude it in our handling.
Do the same for setting up forwards, not attempting to forward for port 0.
Signed-off-by: David Gibson <david(a)gibson.dropbear.id.au>
---
conf.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/conf.c b/conf.c
index 6b3dafd5..3eb117ff 100644
--- a/conf.c
+++ b/conf.c
@@ -157,7 +157,10 @@ static void conf_ports(const struct ctx *c, char optname, const char
*optarg,
fwd->mode = FWD_ALL;
- for (i = 0; i < NUM_PORTS; i++) {
+ /* Skip port 0. It has special meaning for many socket APIs, so
+ * trying to bind it is not really safe.
+ */
+ for (i = 1; i < NUM_PORTS; i++) {
if (fwd_port_is_ephemeral(i))
continue;
@@ -262,7 +265,10 @@ static void conf_ports(const struct ctx *c, char optname, const char
*optarg,
} while ((p = next_chunk(p, ',')));
if (exclude_only) {
- for (i = 0; i < NUM_PORTS; i++) {
+ /* Skip port 0. It has special meaning for many socket APIs, so
+ * trying to bind it is not really safe.
+ */
+ for (i = 1; i < NUM_PORTS; i++) {
if (fwd_port_is_ephemeral(i) ||
bitmap_isset(exclude, i))
continue;
--
2.46.0