From: Stefano Brivio
Add a 'taddr' field to forwarding rules, which controls the destination
address on the target side. Since changing the structure alters the pesto
update protocol, bump the protocol version number
Signed-off-by: Stefano Brivio
[dwg: Split from option parsing code, added protocol version bump,
explicitly exclude splicing with target address for now]
Signed-off-by: David Gibson
---
fwd.c | 8 ++++++--
fwd_rule.c | 9 +--------
fwd_rule.h | 2 ++
pesto.h | 6 +++++-
4 files changed, 14 insertions(+), 11 deletions(-)
diff --git a/fwd.c b/fwd.c
index 659f8d9f..84400948 100644
--- a/fwd.c
+++ b/fwd.c
@@ -1023,7 +1023,9 @@ uint8_t fwd_nat_from_host(const struct ctx *c,
/* Common for spliced and non-spliced cases */
tgt->eport = rule->to + (ini->oport - rule->first);
- if (!c->no_splice && inany_is_loopback(&ini->eaddr) &&
+ /* TODO: Allow splicing with specified target address */
+ if (!c->no_splice && inany_is_unspecified(&rule->taddr) &&
+ inany_is_loopback(&ini->eaddr) &&
(proto == IPPROTO_TCP || proto == IPPROTO_UDP)) {
/* spliceable */
@@ -1072,7 +1074,9 @@ uint8_t fwd_nat_from_host(const struct ctx *c,
}
tgt->oport = ini->eport;
- if (inany_v4(&tgt->oaddr)) {
+ if (!inany_is_unspecified(&rule->taddr)) {
+ tgt->eaddr = rule->taddr;
+ } else if (inany_v4(&tgt->oaddr)) {
tgt->eaddr = inany_from_v4(c->ip4.addr_seen);
} else {
if (inany_is_linklocal6(&tgt->oaddr))
diff --git a/fwd_rule.c b/fwd_rule.c
index e8abc884..494d3fc3 100644
--- a/fwd_rule.c
+++ b/fwd_rule.c
@@ -393,6 +393,7 @@ static void fwd_rule_range_except(struct fwd_table *fwd, bool del,
{
struct fwd_rule rule = {
.addr = addr ? *addr : inany_any6,
+ .taddr = tgt_addr ? *tgt_addr : inany_any6,
.ifname = { 0 },
.proto = proto,
.flags = flags,
@@ -401,14 +402,6 @@ static void fwd_rule_range_except(struct fwd_table *fwd, bool del,
unsigned delta = tgt_first - first;
unsigned base, i;
- if (tgt_addr && !inany_is_unspecified(tgt_addr)) {
- char astr[INANY_ADDRSTRLEN];
-
- info("Target address: %s",
- inany_ntop(tgt_addr, astr, sizeof(astr)));
- die("Target address remapping not yet implemented");
- }
-
if (!addr)
rule.flags |= FWD_DUAL_STACK_ANY;
if (ifname) {
diff --git a/fwd_rule.h b/fwd_rule.h
index 435be5bd..c782f9d4 100644
--- a/fwd_rule.h
+++ b/fwd_rule.h
@@ -33,6 +33,7 @@
/**
* struct fwd_rule - Forwarding rule governing a range of ports
* @addr: Address to forward from
+ * @taddr: Target side destination address
* @ifname: Interface to forward from
* @first: First port number to forward
* @last: Last port number to forward
@@ -45,6 +46,7 @@
*/
struct fwd_rule {
union inany_addr addr;
+ union inany_addr taddr;
char ifname[IFNAMSIZ];
in_port_t first;
in_port_t last;
diff --git a/pesto.h b/pesto.h
index 980cc17d..8db701b4 100644
--- a/pesto.h
+++ b/pesto.h
@@ -15,7 +15,11 @@
#define PESTO_SERVER_MAGIC "basil:s"
/* Version 0 is reserved for unreleased / unsupported experimental versions */
-#define PESTO_PROTOCOL_VERSION 1
+/* Version 1 had no target address field in struct fwd_rule. It was released,
+ * but was little enough used that we decided not to implement backwards
+ * compatiblity code (i.e. a v2 pesto will not work with a v1 pasta)
+ */
+#define PESTO_PROTOCOL_VERSION 2
/* Maximum size of a pif name, including \0 */
#define PIF_NAME_SIZE (128)
--
2.54.0