From: Paul Holzinger
To: passt-dev@passt.top
CC: Paul Holzinger
Subject: [PATCH] pasta: fix tcp port forwarding in auto mode
Date: Mon, 20 Mar 2023 19:10:34 +0100
Message-Id: <20230320181034.87131-1-pholzing@redhat.com>

The logic in tcp_timer() was inverted. fwd_out should expose the host ports in the ns. Therefore it must read the ports on the host and then bind them in the netns. The same for fwd_in which checks ports in the ns and then exposes them on the host.

Note that this only fixes tcp ports, udp does not seem to work at all right now with the auto mode.

Signed-off-by: Paul Holzinger
--- tcp.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tcp.c b/tcp.c index 0214087..0d0ad13 100644 --- a/tcp.c +++ b/tcp.c @@ -89,7 +89,7 @@ * No port translation is needed for connections initiated remotely or by the * local host: source port from socket is reused while establishing connections * to the guest. - * + * * For connections initiated by the guest, it's not possible to force the same * source port as connections are established by the host kernel: that's the * only port translation needed. 
@@ -173,7 +173,7 @@ * new socket is created and mapped in connection tracking table, setting * MSS and window clamping from header and option of the observed SYN segment * - * + * * Aging and timeout * ----------------- * @@ -560,7 +560,7 @@ static struct tcp6_l2_flags_buf_t { #endif struct tap_hdr taph; /* 14 2 */ struct ipv6hdr ip6h; /* 32 20 */ - struct tcphdr th /* 72 */ __attribute__ ((aligned(4))); /* 60 */ + struct tcphdr th /* 72 */ __attribute__ ((aligned(4))); /* 60 */ char opts[OPT_MSS_LEN + OPT_WS_LEN + 1]; #ifdef __AVX2__ } __attribute__ ((packed, aligned(32))) @@ -3308,14 +3308,14 @@ void tcp_timer(struct ctx *c, const struct timespec *ts) struct tcp_port_detect_arg detect_arg = { c, 0 }; struct tcp_port_rebind_arg rebind_arg = { c, 0 }; - if (c->tcp.fwd_in.mode == FWD_AUTO) { + if (c->tcp.fwd_out.mode == FWD_AUTO) { detect_arg.detect_in_ns = 0; tcp_port_detect(&detect_arg); rebind_arg.bind_in_ns = 1; NS_CALL(tcp_port_rebind, &rebind_arg); } - if (c->tcp.fwd_out.mode == FWD_AUTO) { + if (c->tcp.fwd_in.mode == FWD_AUTO) { detect_arg.detect_in_ns = 1; NS_CALL(tcp_port_detect, &detect_arg); rebind_arg.bind_in_ns = 0; -- 2.39.2
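
Review bot: The hunks at @@ -89, @@ -173 and @@ -560 remove and re-add lines that read identically here (the ` *` comment lines and the `struct tcphdr th` member), so they can only be whitespace changes and are unrelated to the tcp_timer() fix the commit message describes. Drop them from this patch or send them as a separate cleanup, so the fix itself stays a two-line change that is easy to review and to backport.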
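
Review bot: In the tcp_timer() hunk at @@ -3308, neither FWD_AUTO block says which side is scanned and which side is bound, and that pairing of detect_in_ns with bind_in_ns is exactly what was inverted. Add a one-line comment above each `if`, for example `/* fwd_out: detect listening ports on the host, bind them in the ns */` and the mirror for fwd_in, so the direction is stated next to the flags it governs. The commit message also says UDP auto mode does not work; since this patch touches only tcp.c, it would help to state whether a follow-up is planned.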