From mboxrd@z Thu Jan 1 00:00:00 1970 Received: by passt.top (Postfix, from userid 1000) id B1CB85A026C; Wed, 26 Oct 2022 18:25:31 +0200 (CEST) From: Stefano Brivio To: passt-dev@passt.top Subject: [PATCH 4/4] icmp: Don't discard first reply sequence for a given echo ID Date: Wed, 26 Oct 2022 18:25:31 +0200 Message-Id: <20221026162531.545374-5-sbrivio@redhat.com> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20221026162531.545374-1-sbrivio@redhat.com> References: <20221026162531.545374-1-sbrivio@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-ID-Hash: PNYRH55XMA2GI6VR5T44KU7ZZP74NHT2 X-Message-ID-Hash: PNYRH55XMA2GI6VR5T44KU7ZZP74NHT2 X-MailFrom: sbrivio@passt.top X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Paul Holzinger X-Mailman-Version: 3.3.3 Precedence: list List-Id: Development discussion and patches for passt Archived-At: <> Archived-At: List-Archive: <> List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: In pasta mode, ICMP and ICMPv6 echo sockets relay back to us any reply we send: we're on the same host as the target, after all. We discard them by comparing the last sequence we sent with the sequence we receive. However, on the first reply for a given identifier, the sequence might be zero, depending on the implementation of ping(8): we need another value to indicate we haven't sent any sequence number, yet. Use -1 as initialiser in the echo identifier map. This is visible with Busybox's ping, and was reported by Paul on the integration at https://github.com/containers/podman/pull/16141, with: $ podman run --net=pasta alpine ping -c 2 192.168.188.1 ...where only the second reply would be routed back. Reported-by: Paul Holzinger Fixes: 33482d5bf293 ("passt: Add PASTA mode, major rework") Signed-off-by: Stefano Brivio --- icmp.c | 16 ++++++++++++++-- icmp.h | 1 + passt.c | 3 +++ 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/icmp.c b/icmp.c index 9caa7e6..4ee847f 100644 --- a/icmp.c +++ b/icmp.c @@ -44,12 +44,12 @@ /** * struct icmp_id_sock - Tracking information for single ICMP echo identifier * @sock: Bound socket for identifier - * @seq: Last sequence number sent to tap, host order + * @seq: Last sequence number sent to tap, host order, -1: not sent yet * @ts: Last associated activity from tap, seconds */ struct icmp_id_sock { int sock; - uint16_t seq; + int seq; time_t ts; }; @@ -273,6 +273,7 @@ static void icmp_timer_one(const struct ctx *c, int v6, uint16_t id, epoll_ctl(c->epollfd, EPOLL_CTL_DEL, id_map->sock, NULL); close(id_map->sock); id_map->sock = 0; + id_map->seq = -1; } /** @@ -301,3 +302,14 @@ v6: goto v6; } } + +/** + * icmp_init() - Initialise sequences in ID map to -1 (no sequence sent yet) + */ +void icmp_init(void) +{ + unsigned i; + + for (i = 0; i < ICMP_NUM_IDS; i++) + icmp_id_map[V4][i].seq = icmp_id_map[V6][i].seq = -1; +} diff --git a/icmp.h b/icmp.h index 458ce31..275486d 100644 --- a/icmp.h +++ b/icmp.h @@ -15,6 +15,7 @@ void icmp_sock_handler(const struct ctx *c, union epoll_ref ref, int icmp_tap_handler(const struct ctx *c, int af, const void *addr, const struct pool *p, const struct timespec *now); void icmp_timer(const struct ctx *c, const struct timespec *ts); +void icmp_init(void); /** * union icmp_epoll_ref - epoll reference portion for ICMP tracking diff --git a/passt.c b/passt.c index ff4ee5d..34cd832 100644 --- a/passt.c +++ b/passt.c @@ -256,6 +256,9 @@ int main(int argc, char **argv) if ((!c.no_udp && udp_init(&c)) || (!c.no_tcp && tcp_init(&c))) exit(EXIT_FAILURE); + if (!c.no_icmp) + icmp_init(); + proto_update_l2_buf(c.mac_guest, c.mac, &c.ip4.addr); if (c.ifi4 && !c.no_dhcp) -- 2.35.1