In pasta mode, the guest's MAC address is set up in pasta_ns_cobf() called from tap_sock_tun_init(). If we have a guest MAC configured with --ns-mac-addr, this will set the given MAC on the kernel tuntap device, or if we haven't configured one it will update our record of the guest MAC to the kernel assigned one from the device. For passt, we don't initially know the guest's MAC until we receive packets from it, so we have to initially use a broadcast address. This is - oddly - set up in an entirely different place, in conf_ip() conditional on the mode. Move it to the logically matching place for passt - tap_sock_unix_init(). Signed-off-by: David Gibson <david(a)gibson.dropbear.id.au> --- conf.c | 3 --- tap.c | 6 ++++++ 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/conf.c b/conf.c index bc8851f..f5b761f 100644 --- a/conf.c +++ b/conf.c @@ -676,9 +676,6 @@ static void conf_ip(struct ctx *c) nl_link(0, c->ifi4, c->mac, 0, 0); } - if (c->mode == MODE_PASST) - memset(&c->mac_guest, 0xff, sizeof(c->mac_guest)); - if (v6 != IP_VERSION_DISABLED) { int prefix_len = 0; diff --git a/tap.c b/tap.c index a3c711c..43a7372 100644 --- a/tap.c +++ b/tap.c @@ -794,6 +794,12 @@ static void tap_sock_unix_init(struct ctx *c) exit(EXIT_FAILURE); } + /* In passt mode, we don't know the guest's MAC until it sends + * us packets. Use the broadcast address so our first packets + * will reach it. + */ + memset(&c->mac_guest, 0xff, sizeof(c->mac_guest)); + for (i = 1; i < UNIX_SOCK_MAX; i++) { char *path = addr.sun_path; -- 2.37.1