From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: passt.top; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=icA2r/E/; dkim-atps=neutral Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by passt.top (Postfix) with ESMTPS id EDA9A5A0262 for ; Thu, 02 Jul 2026 06:58:28 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1782968307; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=zW6b7nGh3AnIisl6Fmdp/zZujFHcfwxybcAzVPfsAFM=; b=icA2r/E/Vf/4BbkhLkxqmKANYQ4sIZBMeiIgmzCfwLHeyHtA1WoWquz2f87qCTeeh/Wdop IY82aU/COBvKuo7bQ7ZG4PY2cjxJ6UAX1GA3hqeoO2bJ96NrU+mh7v6uLhMHfvVtCfMkaD Krx/vcZNTtlx4vHRqiKq7rWHzpMigvI= Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-480-8aluwfa_P-mtzm7oiCWLPA-1; Thu, 02 Jul 2026 00:58:26 -0400 X-MC-Unique: 8aluwfa_P-mtzm7oiCWLPA-1 X-Mimecast-MFC-AGG-ID: 8aluwfa_P-mtzm7oiCWLPA_1782968305 Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-493c619bb52so1469545e9.1 for ; Wed, 01 Jul 2026 21:58:25 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1782968305; x=1783573105; h=date:content-transfer-encoding:mime-version:organization:references :in-reply-to:message-id:subject:cc:to:from:x-gm-gg :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=zW6b7nGh3AnIisl6Fmdp/zZujFHcfwxybcAzVPfsAFM=; b=FcHQz8rSHMS82OE5SCGYFg64XR90mnSGmTB5ppnzcJ6vIWmNcgUCkZ23eKnlXEfU5p hXeXkf3PEdFm4Qq3PP8ZngN3zibchYQwJcsWH4xfcsMrKWK4/TLXdolegvUAu8TH43kW VduV13kxhE5ouOZhUuLuzsuh0IsS5Z0Fo5PxBCjeModQkbbSHQ5TcDDEPpI70ZHEf42c J4g+ycw1Ino3/2HWxdLZDqvs3z+1q6aT1Wg6dWDaHjD992oXDq8gmMf1jnm+1iNP9xbO tps77wZO1cEo8cl4PJhqihZt2rb003bXnvvr30MuA6lDU48joHycQEDB760BTf/Yt7sZ HSKQ== X-Gm-Message-State: AOJu0Yw05ApULvM+HWUCRBPbN5wen/2++jcYvZirNEbnkSI5GLd6vj9Y v9SC+c6YjgED0Lz5Zl8ypDxvvF9LR21zIoFJXy5iemsJ6P1s55opFvDiJocCy4/B3K7jsgvwwfH LiHUTVF+Mn1IzwkM04jt+dSCUbH4p1wrAMxIuolakIgMeMv65AeQQygO7gL1+dA== X-Gm-Gg: AfdE7ckGwnGZT1U49VugdRSThYZr7PSxKavTs2w0ZJd2ArnsAzi8uNBaUB4j2nl5CSd FI9XQFZhH2XkB53ewWEVoIxmRS6NtzyMg52mxFDBSkdIOlxk6c/gDVH2WTApogBeWVh6FfgwvJ8 pjezRn4BWJpvzvRW4MNfomx4rWfVra8YFWc0CO8yWmoxwMzr1c+G6/ob6Fd1f4f1Ek6TLuuyRRZ axSAMXj0PNiT9ms3704kPoxlp+/WRBEQyzJc8psjCsbJSzyEMFfHu1t02ReYrWSYy/Nk2EPxoqB gYIg1as/0QHp3dDNyilaN1yps28PvlIsZQY+SACvVzIsZxQv8ck2OhCGMijyJNKTFooV710zDmZ 6UMtp56eGjIw8S2xZ6XV5qRbCTh68JRPIZbMoKEI= X-Received: by 2002:a05:600c:2204:b0:492:3d05:5639 with SMTP id 5b1f17b1804b1-493c2babf99mr42840425e9.36.1782968304814; Wed, 01 Jul 2026 21:58:24 -0700 (PDT) X-Received: by 2002:a05:600c:2204:b0:492:3d05:5639 with SMTP id 5b1f17b1804b1-493c2babf99mr42840305e9.36.1782968304223; Wed, 01 Jul 2026 21:58:24 -0700 (PDT) Received: from maya.myfinge.rs (ifcgrfdd.trafficplex.cloud. [176.103.220.4]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-493c6354977sm19129785e9.2.2026.07.01.21.58.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Jul 2026 21:58:23 -0700 (PDT) From: Stefano Brivio To: David Gibson Subject: Re: [PATCH 1/3] fwd_rule: Parse target adddresses for forwarding rules Message-ID: <20260702065821.745bbd05@elisabeth> In-Reply-To: <20260701070811.1944139-2-david@gibson.dropbear.id.au> References: <20260701070811.1944139-1-david@gibson.dropbear.id.au> <20260701070811.1944139-2-david@gibson.dropbear.id.au> Organization: Red Hat X-Mailer: Claws Mail 4.2.0 (GTK 3.24.49; x86_64-pc-linux-gnu) MIME-Version: 1.0 Date: Thu, 02 Jul 2026 06:58:23 +0200 (CEST) X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: LgxgOAqldPTO9l5cLpk4bTziTaoLkmAXm4RlkFE0kZA_1782968305 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Message-ID-Hash: A6FAJDVVTAX2HP6E6H5FV7N6CLP2TFMT X-Message-ID-Hash: A6FAJDVVTAX2HP6E6H5FV7N6CLP2TFMT X-MailFrom: sbrivio@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Nit, in the title: addresses. On Wed, 1 Jul 2026 17:08:09 +1000 David Gibson wrote: > Extend the parsing of forwarding rules (-[tu]) to allow the destination > address on the target side to be specified. For now just parse them, and > give an error if we try to create rules with a specified target address. > We'll implement the actual forwarding logic in another patch. > > Format (for either command line or pesto): > -t 2222:192.0.2.1/2222 > > This should work along with all the other bits, that is, say: > -t 192.0.2.1%eth0/2222-2225:192.0.2.2/22-25 > > FIXME: Ban for -[TU] for now > FIXME: Check interaction with splice handling > > Signed-off-by: Stefano Brivio > [dwg: Syntax from Stefano's earlier draft, largely rewritten on top of new > parsing helpers] > Signed-off-by: David Gibson > --- > fwd_rule.c | 38 +++++++++++++++++++++++++++++++------- > 1 file changed, 31 insertions(+), 7 deletions(-) > > diff --git a/fwd_rule.c b/fwd_rule.c > index ca409eaf..e8abc884 100644 > --- a/fwd_rule.c > +++ b/fwd_rule.c > @@ -378,14 +378,17 @@ int fwd_rule_add(struct fwd_table *fwd, const struct fwd_rule *new) > * @first: First port to forward > * @last: Last port to forward > * @exclude: Bitmap of ports to exclude (may be NULL) > - * @to: Port to translate @first to when forwarding > + * @tgt_addr: Destination address on the target side > + * @tgt_first: Destination port to use for @first on the traget side Nit: target. > * @flags: Flags for forwarding entries > */ > static void fwd_rule_range_except(struct fwd_table *fwd, bool del, > uint8_t proto, const union inany_addr *addr, > const char *ifname, > uint16_t first, uint16_t last, > - const uint8_t *exclude, uint16_t to, > + const uint8_t *exclude, > + const union inany_addr *tgt_addr, > + uint16_t tgt_first, > uint8_t flags) > { > struct fwd_rule rule = { > @@ -395,9 +398,17 @@ static void fwd_rule_range_except(struct fwd_table *fwd, bool del, > .flags = flags, > }; > char rulestr[FWD_RULE_STRLEN]; > - unsigned delta = to - first; > + unsigned delta = tgt_first - first; Nit: should be moved above now. > unsigned base, i; > > + if (tgt_addr && !inany_is_unspecified(tgt_addr)) { > + char astr[INANY_ADDRSTRLEN]; > + > + info("Target address: %s", > + inany_ntop(tgt_addr, astr, sizeof(astr))); > + die("Target address remapping not yet implemented"); > + } > + > if (!addr) > rule.flags |= FWD_DUAL_STACK_ANY; > if (ifname) { > @@ -458,14 +469,17 @@ enum fwd_port_chunk_kind { > * @cursor: Parsing point (see parse.c) > * @kindp: Updated with kind of chunk we parsed > * @lrange: Updated with listening port range (for INCLUDE & EXCLUDE) > + * @taddr: Updated with target address (for INCLUDE) > * @trange: Updated with target port range (for INCLUDE) > */ > static bool parse_port_chunk(const char **cursor, > enum fwd_port_chunk_kind *kindp, > struct port_range *lrange, > + union inany_addr *taddr, > struct port_range *trange) > { > struct port_range lr = { 0 }, tr = { 0 }; > + union inany_addr taddr_tmp = inany_any6; > enum fwd_port_chunk_kind kind; > const char *p = *cursor; > > @@ -481,6 +495,12 @@ static bool parse_port_chunk(const char **cursor, > kind = CHUNK_INCLUDE; > > if (parse_literal(&p, ":")) { > + const char *tgtspec = p; > + > + if (!parse_inany(&p, &taddr_tmp) || > + !parse_literal(&p, "/")) This is to support ":/PORT" together with ":ADDR/PORT", right? I think it's nice to have for users, but it looks inconsistent here, so maybe you could add a comment before that, say: /* Accept :/PORT as well as :ADDR/PORT */ > + p = tgtspec; /* No target address, backtrack */ > + > if (!parse_port_range(&p, &tr)) > return false; > } else { > @@ -492,6 +512,8 @@ static bool parse_port_chunk(const char **cursor, > > *kindp = kind; > *lrange = lr; > + if (taddr) > + *taddr = taddr_tmp; > if (trange) > *trange = tr; > *cursor = p; > @@ -561,7 +583,7 @@ static void fwd_rule_parse_ports(struct fwd_table *fwd, bool del, uint8_t proto, > /* Consider excluded ranges and "auto" in the first pass */ > p = spec; > do { > - if (!parse_port_chunk(&p, &kind, &lrange, NULL)) > + if (!parse_port_chunk(&p, &kind, &lrange, NULL, NULL)) > goto bad; > > switch (kind) { > @@ -586,8 +608,9 @@ static void fwd_rule_parse_ports(struct fwd_table *fwd, bool del, uint8_t proto, > p = spec; > do { > struct port_range trange; > + union inany_addr taddr; > > - if (!parse_port_chunk(&p, &kind, &lrange, &trange)) > + if (!parse_port_chunk(&p, &kind, &lrange, &taddr, &trange)) > goto bad; > > switch (kind) { > @@ -604,7 +627,8 @@ static void fwd_rule_parse_ports(struct fwd_table *fwd, bool del, uint8_t proto, > > fwd_rule_range_except(fwd, del, proto, addr, ifname, > lrange.first, lrange.last, > - exclude, trange.first, flags); > + exclude, &taddr, trange.first, > + flags); > break; > default: > goto bad; > @@ -620,7 +644,7 @@ static void fwd_rule_parse_ports(struct fwd_table *fwd, bool del, uint8_t proto, > > fwd_rule_range_except(fwd, del, proto, addr, ifname, > 1, NUM_PORTS - 1, exclude, > - 1, flags | FWD_WEAK); > + NULL, 1, flags | FWD_WEAK); > } > return; > bad: The rest of the series looks good to me, but I didn't test things at all. By the way, man page and usage changes for 3/3 are missing. I haven't seen anything preventing mapping between IPv4 and IPv6, but I guess I missed something. I actually think it would be a nice feature but I guess it needs some more effort to properly support it. -- Stefano