From: Laurent Vivier <lvivier@redhat.com>
To: David Gibson <david@gibson.dropbear.id.au>,
passt-dev@passt.top, Stefano Brivio <sbrivio@redhat.com>
Subject: Re: [PATCH v3 08/11] fwd_rule: Move ephemeral port probing to fwd_rule.c
Date: Mon, 20 Apr 2026 18:52:33 +0200 [thread overview]
Message-ID: <619d75bc-4b1c-4563-b6e9-0db37598e19f@redhat.com> (raw)
In-Reply-To: <20260417050520.102247-9-david@gibson.dropbear.id.au>
On 4/17/26 07:05, David Gibson wrote:
> We want to move parsing of forward rule options to fwd_rule.c so it can
> eventually be shared with a configuration client. As a preliminary step,
> move the ephemeral port probing there, since that parsing code will need to use it.
>
> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
> ---
> fwd.c | 73 --------------------------------------------------
> fwd.h | 6 -----
> fwd_rule.c | 78 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
> fwd_rule.h | 6 +++++
> 4 files changed, 84 insertions(+), 79 deletions(-)
>
> diff --git a/fwd.c b/fwd.c
> index aa966731..9a7053fd 100644
> --- a/fwd.c
> +++ b/fwd.c
> @@ -34,12 +34,6 @@
> #include "arp.h"
> #include "ndp.h"
>
> -/* Ephemeral port range: values from RFC 6335 */
> -static in_port_t fwd_ephemeral_min = (1 << 15) + (1 << 14);
> -static in_port_t fwd_ephemeral_max = NUM_PORTS - 1;
> -
> -#define PORT_RANGE_SYSCTL "/proc/sys/net/ipv4/ip_local_port_range"
> -
> #define NEIGH_TABLE_SLOTS 1024
> #define NEIGH_TABLE_SIZE (NEIGH_TABLE_SLOTS / 2)
> static_assert((NEIGH_TABLE_SLOTS & (NEIGH_TABLE_SLOTS - 1)) == 0,
> @@ -249,73 +243,6 @@ void fwd_neigh_table_init(const struct ctx *c)
> fwd_neigh_table_update(c, &mga, c->our_tap_mac, true);
> }
>
> -/** fwd_probe_ephemeral() - Determine what ports this host considers ephemeral
> - *
> - * Work out what ports the host thinks are emphemeral and record it for later
> - * use by fwd_port_is_ephemeral(). If we're unable to probe, assume the range
> - * recommended by RFC 6335.
> - */
> -void fwd_probe_ephemeral(void)
> -{
> - char *line, *tab, *end;
> - struct lineread lr;
> - long min, max;
> - ssize_t len;
> - int fd;
> -
> - fd = open(PORT_RANGE_SYSCTL, O_RDONLY | O_CLOEXEC);
> - if (fd < 0) {
> - warn_perror("Unable to open %s", PORT_RANGE_SYSCTL);
> - return;
> - }
> -
> - lineread_init(&lr, fd);
> - len = lineread_get(&lr, &line);
> - close(fd);
> -
> - if (len < 0)
> - goto parse_err;
> -
> - tab = strchr(line, '\t');
> - if (!tab)
> - goto parse_err;
> - *tab = '\0';
> -
> - errno = 0;
> - min = strtol(line, &end, 10);
> - if (*end || errno)
> - goto parse_err;
> -
> - errno = 0;
> - max = strtol(tab + 1, &end, 10);
> - if (*end || errno)
> - goto parse_err;
> -
> - if (min < 0 || min >= (long)NUM_PORTS ||
> - max < 0 || max >= (long)NUM_PORTS)
> - goto parse_err;
> -
> - fwd_ephemeral_min = min;
> - fwd_ephemeral_max = max;
> -
> - return;
> -
> -parse_err:
> - warn("Unable to parse %s", PORT_RANGE_SYSCTL);
> -}
> -
> -/**
> - * fwd_port_map_ephemeral() - Mark ephemeral ports in a bitmap
> - * @map: Bitmap to update
> - */
> -void fwd_port_map_ephemeral(uint8_t *map)
> -{
> - unsigned port;
> -
> - for (port = fwd_ephemeral_min; port <= fwd_ephemeral_max; port++)
> - bitmap_set(map, port);
> -}
> -
> /* Forwarding table storage, generally accessed via pointers in struct ctx */
> static struct fwd_table fwd_in;
> static struct fwd_table fwd_out;
> diff --git a/fwd.h b/fwd.h
> index 3e365d35..e664d1d0 100644
> --- a/fwd.h
> +++ b/fwd.h
> @@ -20,12 +20,6 @@
>
> struct flowside;
>
> -/* Number of ports for both TCP and UDP */
> -#define NUM_PORTS (1U << 16)
> -
> -void fwd_probe_ephemeral(void);
> -void fwd_port_map_ephemeral(uint8_t *map);
> -
> #define FWD_RULE_BITS 8
> #define MAX_FWD_RULES MAX_FROM_BITS(FWD_RULE_BITS)
> #define FWD_NO_HINT (-1)
> diff --git a/fwd_rule.c b/fwd_rule.c
> index 47d8df1c..9d489827 100644
> --- a/fwd_rule.c
> +++ b/fwd_rule.c
> @@ -15,9 +15,87 @@
> * Author: David Gibson <david@gibson.dropbear.id.au>
> */
>
> +#include <errno.h>
> +#include <fcntl.h>
> #include <stdio.h>
> +#include <unistd.h>
>
> #include "fwd_rule.h"
> +#include "lineread.h"
> +#include "log.h"
> +
> +/* Ephemeral port range: values from RFC 6335 */
> +static in_port_t fwd_ephemeral_min = (1 << 15) + (1 << 14);
> +static in_port_t fwd_ephemeral_max = NUM_PORTS - 1;
> +
> +#define PORT_RANGE_SYSCTL "/proc/sys/net/ipv4/ip_local_port_range"
> +
> +/** fwd_probe_ephemeral() - Determine what ports this host considers ephemeral
> + *
> + * Work out what ports the host thinks are emphemeral and record it for later
> + * use by fwd_port_is_ephemeral(). If we're unable to probe, assume the range
> + * recommended by RFC 6335.
> + */
> +void fwd_probe_ephemeral(void)
> +{
> + char *line, *tab, *end;
> + struct lineread lr;
> + long min, max;
> + ssize_t len;
> + int fd;
> +
> + fd = open(PORT_RANGE_SYSCTL, O_RDONLY | O_CLOEXEC);
> + if (fd < 0) {
> + warn_perror("Unable to open %s", PORT_RANGE_SYSCTL);
> + return;
> + }
> +
> + lineread_init(&lr, fd);
> + len = lineread_get(&lr, &line);
> + close(fd);
> +
> + if (len < 0)
> + goto parse_err;
> +
> + tab = strchr(line, '\t');
> + if (!tab)
> + goto parse_err;
> + *tab = '\0';
> +
> + errno = 0;
> + min = strtol(line, &end, 10);
> + if (*end || errno)
> + goto parse_err;
> +
> + errno = 0;
> + max = strtol(tab + 1, &end, 10);
> + if (*end || errno)
> + goto parse_err;
> +
> + if (min < 0 || min >= (long)NUM_PORTS ||
> + max < 0 || max >= (long)NUM_PORTS)
> + goto parse_err;
> +
> + fwd_ephemeral_min = min;
> + fwd_ephemeral_max = max;
> +
> + return;
> +
> +parse_err:
> + warn("Unable to parse %s", PORT_RANGE_SYSCTL);
> +}
> +
> +/**
> + * fwd_port_map_ephemeral() - Mark ephemeral ports in a bitmap
> + * @map: Bitmap to update
> + */
> +void fwd_port_map_ephemeral(uint8_t *map)
> +{
> + unsigned port;
> +
> + for (port = fwd_ephemeral_min; port <= fwd_ephemeral_max; port++)
> + bitmap_set(map, port);
> +}
>
> /**
> * fwd_rule_addr() - Return match address for a rule
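Review bot: The two `strtol()` results in fwd_probe_ephemeral() are checked only with `if (*end || errno)`, so an empty field (nothing before or after the tab) can be accepted as 0 because `end` then points at the terminating NUL of an unconverted string. The following range check also never compares the two bounds, and with min > max the loop in fwd_port_map_ephemeral() marks no ports at all, which silently disables the ephemeral-port exclusion for whatever consumes that bitmap. This is carried over unchanged from fwd.c and the input normally comes from the kernel, but since the commit message says the code is to be shared with a configuration client, it seems worth tightening while it moves: `if (end == line || *end || errno)`, `if (end == tab + 1 || *end || errno)`, and `|| min > max` added to the range test, so a malformed line falls through to `parse_err` and the RFC 6335 defaults stay in place. Both functions are fully contained in this hunk.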
> diff --git a/fwd_rule.h b/fwd_rule.h
> index edba6782..5c7b67aa 100644
> --- a/fwd_rule.h
> +++ b/fwd_rule.h
> @@ -17,6 +17,9 @@
> #include "inany.h"
> #include "bitmap.h"
>
> +/* Number of ports for both TCP and UDP */
> +#define NUM_PORTS (1U << 16)
> +
> /* Forwarding capability bits */
> #define FWD_CAP_IPV4 BIT(0)
> #define FWD_CAP_IPV6 BIT(1)
> @@ -51,6 +54,9 @@ struct fwd_rule {
> uint8_t flags;
> };
>
> +void fwd_probe_ephemeral(void);
> +void fwd_port_map_ephemeral(uint8_t *map);
> +
> #define FWD_RULE_STRLEN \
> (IPPROTO_STRLEN - 1 \
> + INANY_ADDRSTRLEN - 1 \