From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: passt.top;
	dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=ByHAj5xe;
	dkim-atps=neutral
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	by passt.top (Postfix) with ESMTP id 0E4B45A004C
	for <passt-dev@passt.top>; Wed, 09 Oct 2024 15:07:37 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1728479255;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=nOxL25IOWkgHzrcJTfLOV/0cVEne1GVoD095DiWbnJM=;
	b=ByHAj5xeXB5N+cWVfHaV1VThdd+Fy/7luDvErGhPdrygZkZEMBIJzIDf/SgGzMwrNO4BBW
	3Az4zFhuE+sqaOVpb9qc1jgGb/6z1/SYvV9rgtYnkyVsVS2qUAjrPap9Faux2f5rGjH4iZ
	+y07LX68JhRwJF4WgiBBSnlYQRRPV5g=
Received: from mail-pj1-f72.google.com (mail-pj1-f72.google.com
 [209.85.216.72]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-231-C6tr3LJmM9K0wztkR_oEsg-1; Wed, 09 Oct 2024 09:07:34 -0400
X-MC-Unique: C6tr3LJmM9K0wztkR_oEsg-1
Received: by mail-pj1-f72.google.com with SMTP id 98e67ed59e1d1-2e2bb354e91so235412a91.2
        for <passt-dev@passt.top>; Wed, 09 Oct 2024 06:07:33 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1728479252; x=1729084052;
        h=content-transfer-encoding:mime-version:organization:references
         :in-reply-to:message-id:subject:cc:to:from:date:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=nOxL25IOWkgHzrcJTfLOV/0cVEne1GVoD095DiWbnJM=;
        b=RiPuVyTqiz3BRie+I4imivaBmDGVZ3StICrSa+Oq/tgTOfHUcA8yGhPQ9+YCLBXc3A
         /A6mrCeF05EN+abVJlKbC/poUjdigWZjgLU7n6PdeVm+Ws3P/Q9eNKz6l0MEOlwNegCA
         trDZrkV40I8uSHkBoE5Ypn8zQM8pRutvojarxNT1xoixU4kcmwWzV6dIDaRD+0x+iKdo
         hpVfSZtj0Uvncb8G3ppnhWPMfukY8Udhr2bqdm0tYb9FtHQiwEWl82uEHNSc7INQQCUP
         InEtE7lG2oiPYJxUhFPfWhKUmYZVKnSBLDxu8ERi4ttQAM6U42KAPtFKtM39OJdpIkT/
         /JeA==
X-Gm-Message-State: AOJu0YwjxGnD97UDDXwk70sH9FKWXnMDrrgz4hytBiMalc0lROrN6rIM
	KE+qy1edFr0PPiEHz6Wrx1HPCSpK6mDBlz8SXLND48jxKNQDk0ZkphxXKPyzrMkloVEVz2qzcJ7
	SFWgQ9Q5CdNFwtt9P9BHQx9u76YE8Joluu2q2GJQh6jXPzdQx5fTykmrNoA==
X-Received: by 2002:a17:90a:d518:b0:2e2:c406:ec89 with SMTP id 98e67ed59e1d1-2e2c406ecfamr260769a91.20.1728479252605;
        Wed, 09 Oct 2024 06:07:32 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IG4vOpn8Lg1eesKJPhK4i43mERZTiTzPJ4Lw4E0NKW1bHSqKztP6d2yoZpv66Ix5rCLFpCPyA==
X-Received: by 2002:a17:90a:d518:b0:2e2:c406:ec89 with SMTP id 98e67ed59e1d1-2e2c406ecfamr260733a91.20.1728479252126;
        Wed, 09 Oct 2024 06:07:32 -0700 (PDT)
Received: from maya.myfinge.rs (ifcgrfdd.trafficplex.cloud. [2a10:fc81:a806:d6a9::1])
        by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-2e2a55f98a9sm1600381a91.9.2024.10.09.06.07.31
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 09 Oct 2024 06:07:31 -0700 (PDT)
Date: Wed, 9 Oct 2024 15:07:27 +0200
From: Stefano Brivio <sbrivio@redhat.com>
To: David Gibson <david@gibson.dropbear.id.au>
Subject: Re: [PATCH v4] conf: Add command line switch to enable IP_FREEBIND
 socket option
Message-ID: <20241009150727.633811b1@elisabeth>
In-Reply-To: <20241003044832.2207832-1-david@gibson.dropbear.id.au>
References: <20241003044832.2207832-1-david@gibson.dropbear.id.au>
Organization: Red Hat
X-Mailer: Claws Mail 4.2.0 (GTK 3.24.41; x86_64-pc-linux-gnu)
MIME-Version: 1.0
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-ID-Hash: 5IWM4DUNT7PUT4KQFRZZC5ZEEFOEXTVJ
X-Message-ID-Hash: 5IWM4DUNT7PUT4KQFRZZC5ZEEFOEXTVJ
X-MailFrom: sbrivio@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: passt-dev@passt.top
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20241009150727.633811b1@elisabeth/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/5IWM4DUNT7PUT4KQFRZZC5ZEEFOEXTVJ/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

On Thu,  3 Oct 2024 14:48:32 +1000
David Gibson <david@gibson.dropbear.id.au> wrote:

> In a couple of recent reports, we've seen that it can be useful for pasta
> to forward ports from addresses which are not currently configured on the
> host, but might be in future.  That can be done with the sysctl
> net.ipv4.ip_nonlocal_bind, but that does require CAP_NET_ADMIN to set in
> the first place.  We can allow the same thing on a per-socket basis with
> the IP_FREEBIND (or IPV6_FREEBIND) socket option.
> 
> Add a --freebind command line argument to enable this socket option on
> all listening sockets.
> 
> Link: https://bugs.passt.top/show_bug.cgi?id=101
> 
> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>

Applied.

-- 
Stefano