From: David Gibson <david@gibson.dropbear.id.au>
To: passt-dev@passt.top, Stefano Brivio <sbrivio@redhat.com>
Cc: David Gibson <david@gibson.dropbear.id.au>
Subject: [PATCH v4 17/17] conf, fwd: Allow switching to new rules received from pesto
Date: Tue, 21 Apr 2026 14:42:17 +1000 [thread overview]
Message-ID: <20260421044217.2500314-18-david@gibson.dropbear.id.au> (raw)
In-Reply-To: <20260421044217.2500314-1-david@gibson.dropbear.id.au>
We can now receive updates to the forwarding rules from the pesto client
and store them in a "pending" copy of the forwarding tables. Implement
switching to using the new rules.
The logic is in a new fwd_listen_switch(). For now this closes all
listening sockets related to the old tables, swaps the active and pending
tables, then listens based on the new tables. In future we look to improve
this so that we don't temporarily stop listening on ports that both the
old and new tables specify.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
conf.c | 5 ++---
fwd.c | 34 ++++++++++++++++++++++++++++++++++
fwd.h | 1 +
3 files changed, 37 insertions(+), 3 deletions(-)
diff --git a/conf.c b/conf.c
index 3040a53c..6413602a 100644
--- a/conf.c
+++ b/conf.c
@@ -2133,15 +2133,14 @@ void conf_handler(struct ctx *c, uint32_t events)
fwd_rules_dump(info, fwd->rules, fwd->count,
" ", "");
}
+
+ fwd_listen_switch(c);
}
if (events & EPOLLHUP) {
debug("Configuration client hangup");
- goto close;
}
- return;
-
close:
conf_close(c);
}
diff --git a/fwd.c b/fwd.c
index d93d2e5d..35b9e2b0 100644
--- a/fwd.c
+++ b/fwd.c
@@ -534,6 +534,40 @@ int fwd_listen_init(const struct ctx *c)
return 0;
}
+/**
+ * fwd_listen_switch() - Switch from current to pending rules table
+ * @c: Execution context
+ */
+void fwd_listen_switch(struct ctx *c)
+{
+ struct fwd_table *tmp[PIF_NUM_TYPES];
+ unsigned i;
+
+ /* Stop listening on the old tables */
+ for (i = 0; i < PIF_NUM_TYPES; i++) {
+ struct fwd_table *fwd = c->fwd[i];
+
+ if (!fwd)
+ continue;
+
+ debug("Flushing %u old %s rules", fwd->count, pif_name(i));
+ fwd_listen_close(fwd);
+ fwd->count = fwd->sock_count = 0;
+ }
+
+ /* Swap active and pending tables */
+ static_assert(sizeof(tmp) == sizeof(c->fwd) &&
+ sizeof(tmp) == sizeof(c->fwd_pending),
+ "Temporary has wrong size");
+ memcpy(&tmp, (void *)c->fwd, sizeof(tmp));
+ memcpy((void *)c->fwd, (void *)c->fwd_pending, sizeof(tmp));
+ memcpy((void *)c->fwd_pending, &tmp, sizeof(tmp));
+
+ /* Start listening on the new tables */
+ if (fwd_listen_init(c) < 0)
+ err("Error switching to new forwarding rules");
+}
+
/* See enum in kernel's include/net/tcp_states.h */
#define UDP_LISTEN 0x07
#define TCP_LISTEN 0x0a
diff --git a/fwd.h b/fwd.h
index ac247826..b60697d9 100644
--- a/fwd.h
+++ b/fwd.h
@@ -61,6 +61,7 @@ int fwd_listen_sync(const struct ctx *c, uint8_t pif,
const struct fwd_scan *tcp, const struct fwd_scan *udp);
void fwd_listen_close(const struct fwd_table *fwd);
int fwd_listen_init(const struct ctx *c);
+void fwd_listen_switch(struct ctx *c);
bool nat_inbound(const struct ctx *c, const union inany_addr *addr,
union inany_addr *translated);
--
2.53.0
next prev parent reply other threads:[~2026-04-21 4:42 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-21 4:42 [PATCH v4 00/17] RFC: Dynamic configuration update implementation David Gibson
2026-04-21 4:42 ` [PATCH v4 01/17] conf, fwd: Stricter rule checking in fwd_rule_add() David Gibson
2026-04-21 4:42 ` [PATCH v4 02/17] fwd_rule: Move ephemeral port probing to fwd_rule.c David Gibson
2026-04-21 4:42 ` [PATCH v4 03/17] fwd, conf: Move rule parsing code to fwd_rule.[ch] David Gibson
2026-04-21 4:42 ` [PATCH v4 04/17] fwd_rule: Move conflict checking back within fwd_rule_add() David Gibson
2026-04-21 4:42 ` [PATCH v4 05/17] fwd: Generalise fwd_rules_info() David Gibson
2026-04-21 4:42 ` [PATCH v4 06/17] pif: Limit pif names to 128 bytes David Gibson
2026-04-21 4:42 ` [PATCH v4 07/17] fwd_rule: Fix some format specifiers David Gibson
2026-04-21 4:42 ` [PATCH v4 08/17] pesto: Introduce stub configuration tool David Gibson
2026-04-21 4:42 ` [PATCH v4 09/17] pesto, log: Share log.h (but not log.c) with pesto tool David Gibson
2026-04-21 4:42 ` [PATCH v4 10/17] pesto, conf: Have pesto connect to passt and check versions David Gibson
2026-04-21 4:42 ` [PATCH v4 11/17] pesto: Expose list of pifs to pesto and optionally display David Gibson
2026-04-21 4:42 ` [PATCH v4 12/17] ip: Prepare ip.[ch] for sharing with pesto tool David Gibson
2026-04-21 4:42 ` [PATCH v4 13/17] inany: Prepare inany.[ch] " David Gibson
2026-04-21 4:42 ` [PATCH v4 14/17] pesto: Read current ruleset from passt/pasta and optionally display it David Gibson
2026-04-21 4:42 ` [PATCH v4 15/17] pesto: Parse and add new rules from command line David Gibson
2026-04-21 4:42 ` [PATCH v4 16/17] pesto, conf: Send updated rules from pesto back to passt/pasta David Gibson
2026-04-21 4:42 ` David Gibson [this message]
2026-04-21 6:26 ` [PATCH v4 00/17] IGNORE RFC: Dynamic configuration update implementation David Gibson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260421044217.2500314-18-david@gibson.dropbear.id.au \
--to=david@gibson.dropbear.id.au \
--cc=passt-dev@passt.top \
--cc=sbrivio@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://passt.top/passt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).