On Fri, Jun 19, 2026 at 9:24 AM David Gibson wrote: > On Wed, Jun 17, 2026 at 06:52:37PM +0530, Anshu Kumari wrote: > > Introduce the --dhcp-opt flag that allows setting arbitrary DHCP > > options from command-line in the form [--dhcp-opt CODE,VALUE]. > > > > Add a type lookup table mapping option codes to RFC 2132 value types > > (IPv4, IPv4 list, integer, string) and dhcp_opt_parse() to convert > > CLI strings to binary wire format. Parsed options are stored in > > struct ctx and injected into DHCP replies. If the same option code > > is given more than once, the last value wins. > > > > Link: https://bugs.passt.top/show_bug.cgi?id=192 > > Signed-off-by: Anshu Kumari > > --- > > v4: > > - Renamed custom_opts to dhcp_opts, 256 entries indexed by option > > code, removed MAX_CUSTOM_DHCP_OPTS and count field. > > - Changed str buffer from 256 to 255 bytes. > > - Moved function to conf.c as static conf_dhcp_option(), renamed > > from dhcp_add_option(). > > - Made dhcp_opt_parse() non-static, declared in dhcp.h > > - Dropped val/len from ctx struct; conf_dhcp_option() validates > > with temp buffer, dhcp() parses str directly into opts[] at > > reply time. > > Hmm. So each option is parsed twice. What prevents you from parsing > directly into the opts[] array at conf() time? > The first parse acts as a validation step to check that the user has entered the correct value format for the option. Without it, if the user passes something like *--dhcp-opt 3,notanip*, the error would surface only when the first DHCP client connects, not at startup. I think it's better to fail during startup if correct value format is not entered in command-line rather than failing at later stage during reply time. > > > - Replaced strtok_r() + 256-byte buffer with strcspn() + > > INET_ADDRSTRLEN buffer. > > - Added DHCP_OPT_SINT32 for option 2 (Time Offset), uses strtol() > > per RFC 2132 Section 8.2. > > - All errors in dhcp_opt_parse() return -1, removed die() calls; > > caller handles error message consistently. > > - Removed redundant !slen check in DHCP_OPT_STR case. > > - Omitted explicit array size for dhcp_opt_types[], arraydded bounds > > check before lookup. > > - Added errno = 0 + errno check for strtoul() in case 34. > > - Fixed usage text: "Set DHCP option CODE to VAL". > > - Improved man page: added format description and examples > > > > v3: > > - Replaced DHCP_OPT_INTEGER with separate DHCP_OPT_INT8/INT16/INT32 > > enums, removed dhcp_opt_int_width[] array. > > - Shared logic between DHCP_OPT_IPV4 and DHCP_OPT_IPV4_LIST — parse > > both as list, error if >1 in single case. > > - Added errno = 0 before strtoul() and check after. > > - Fixed range check: 1ULL << (width * 8) for all widths including > > width==4. > > - strncpy → memcpy for DHCP_OPT_STR. > > - Moved enum to dhcp.c since not used in other files. > > - Removed options 55, 61 (client-only), 119 (DNS compression, use > > --dhcp-search instead), 33 (IP pairs not supported). > > - DHCP_OPT_PARSE_BUF 1024 → char tmp[256]. > > - Upgraded dhcp_add_option() to call dhcp_opt_parse() and populate > > val[]/len. > > - Aligned array entries for readability. > > - Added tab after @DHCP_OPT_IPV4_LIST: in kerneldoc. > > - Reject empty value strings before parsing > > - Reject leading/trailing/consecutive commas in IP list values. > > > > v2: > > - Replaced struct lookup table + dhcp_opt_type_lookup() function with > flat dhcp_opt_types[256] array indexed by code. > > - Consolidated DHCP_OPT_UINT8/UINT16/UINT32 into single > DHCP_OPT_INTEGER with dhcp_opt_int_width[256] table. > > - Dropped DHCP_OPT_ROUTES / option 121 entirely. > > - Added kerneldoc for enum dhcp_opt_type values. > > - Removed curly braces from switch cases, declarations before switch. > > - Added newlines before return statements. > > - Changed IP list delimiter from space to comma (--dhcp-opt > 6,1.1.1.1,8.8.8.8). > > - Defined DHCP_OPT_PARSE_BUF constant for bare 1024. > > - Added len and val[255] fields to struct here (moved from patch 1). > > - Added kerneldoc for @custom_opts.len and @custom_opts.val. > > - Wired dhcp_opt_parse() into case 32 (--dhcp-boot) to populate > val/len. > > --- > > conf.c | 45 ++++++++++++- > > dhcp.c | 191 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > dhcp.h | 2 + > > passt.1 | 42 +++++++++++++ > > passt.h | 6 ++ > > 5 files changed, 285 insertions(+), 1 deletion(-) > > > > diff --git a/conf.c b/conf.c > > index cd05adf..836b297 100644 > > --- a/conf.c > > +++ b/conf.c > > @@ -47,6 +47,7 @@ > > #include "lineread.h" > > #include "isolation.h" > > #include "log.h" > > +#include "dhcp.h" > > #include "vhost_user.h" > > #include "epoll_ctl.h" > > #include "conf.h" > > @@ -616,7 +617,8 @@ static void usage(const char *name, FILE *f, int > status) > > " -S, --search LIST Space-separated list, search > domains\n" > > " a single, empty option disables the DNS search list\n" > > " -H, --hostname NAME Hostname to configure client > with\n" > > - " --fqdn NAME FQDN to configure client with\n"); > > + " --fqdn NAME FQDN to configure client with\n" > > + " --dhcp-opt CODE,VAL Set DHCP option CODE to VAL\n"); > > if (strstr(name, "pasta")) > > FPRINTF(f, " default: don't use any search list\n"); > > else > > @@ -844,6 +846,10 @@ static void conf_print(const struct ctx *c) > > info(" router: %s", > > inet_ntop(AF_INET, &c->ip4.guest_gw, > > buf, sizeof(buf))); > > + for (i = 1; i < 255; i++) > > + if (*c->dhcp_opts[i].str) > > + info(" option %u: %s", i, > > + c->dhcp_opts[i].str); > > } > > > > for (i = 0; i < ARRAY_SIZE(c->ip4.dns); i++) { > > @@ -1150,6 +1156,25 @@ static void conf_sock_listen(const struct ctx *c) > > die_perror("Couldn't add configuration socket to epoll"); > > } > > > > +/** > > + * conf_dhcp_option() - Set value for a DHCP option in configuration > > + * @c: Execution context > > + * @code: DHCP option code > > + * @val_str: Value string from command line > > + */ > > +static void conf_dhcp_option(struct ctx *c, uint8_t code, const char > *val_str) > > +{ > > + uint8_t tmp[255]; > > + > > + if (dhcp_opt_parse(code, val_str, tmp, sizeof(tmp)) < 0) > > + die("Invalid value for DHCP option %u: %s", code, val_str); > > + > > + if (snprintf_check(c->dhcp_opts[code].str, > > + sizeof(c->dhcp_opts[0].str), > > + "%s", val_str)) > > + die("DHCP option value too long: %s", val_str); > > +} > > + > > /** > > * conf() - Process command-line arguments and set configuration > > * @c: Execution context > > @@ -1233,6 +1258,7 @@ void conf(struct ctx *c, int argc, char **argv) > > {"migrate-no-linger", no_argument, NULL, 30 > }, > > {"stats", required_argument, NULL, 31 > }, > > {"conf-path", required_argument, NULL, > 'c' }, > > + {"dhcp-opt", required_argument, NULL, 34 > }, > > { 0 }, > > }; > > const char *optstring = > "+dqfel:hs:c:F:I:p:P:m:a:n:M:g:i:o:D:S:H:461t:u:T:U:"; > > @@ -1248,10 +1274,13 @@ void conf(struct ctx *c, int argc, char **argv) > > uint8_t prefix_len_from_opt = 0; > > unsigned int ifi4 = 0, ifi6 = 0; > > const char *logfile = NULL; > > + unsigned long optcode; > > char *runas = NULL; > > size_t logsize = 0; > > + const char *comma; > > long fd_tap_opt; > > int name, ret; > > + char *end; > > uid_t uid; > > gid_t gid; > > > > @@ -1467,6 +1496,20 @@ void conf(struct ctx *c, int argc, char **argv) > > die("Can't display statistics if not > running in foreground"); > > c->stats = strtol(optarg, NULL, 0); > > break; > > + case 34: > > + comma = strchr(optarg, ','); > > + if (!comma) > > + die("--dhcp-opt requires CODE,VALUE > format"); > > + > > + errno = 0; > > + optcode = strtoul(optarg, &end, 0); > > + if (end != comma || errno || > > + optcode < 1 || optcode > 254) > > + die("DHCP option code must be 1-254: %s", > > + optarg); > > + > > + conf_dhcp_option(c, optcode, comma + 1); > > + break; > > case 'd': > > c->debug = 1; > > c->quiet = 0; > > diff --git a/dhcp.c b/dhcp.c > > index 78790d8..47bb524 100644 > > --- a/dhcp.c > > +++ b/dhcp.c > > @@ -23,6 +23,7 @@ > > #include > > #include > > #include > > +#include > > > > #include "util.h" > > #include "ip.h" > > @@ -130,6 +131,189 @@ struct msg { > > uint8_t o[OPT_MAX + 1 /* End option */ ]; > > } __attribute__((__packed__)); > > > > +/** > > + * enum dhcp_opt_type - DHCP option value types per RFC 2132 > > + * @DHCP_OPT_NONE: Unsupported or unknown option > > + * @DHCP_OPT_STR: Variable-length string > > + * @DHCP_OPT_IPV4: Single IPv4 address > > + * @DHCP_OPT_IPV4_LIST: Multiple IPv4 addresses, comma-separated > > + * @DHCP_OPT_INT8: Unsigned 8-bit integer > > + * @DHCP_OPT_INT16: Unsigned 16-bit integer > > + * @DHCP_OPT_INT32: Unsigned 32-bit integer > > + * @DHCP_OPT_SINT32: Signed 32-bit integer > > For consistency with C conventions, I'd suggset UINT{8,16,32} and just > INT32 for the signed case. > > > + */ > > +enum dhcp_opt_type { > > + DHCP_OPT_NONE, > > + DHCP_OPT_STR, > > + DHCP_OPT_IPV4, > > + DHCP_OPT_IPV4_LIST, > > + DHCP_OPT_INT8, > > + DHCP_OPT_INT16, > > + DHCP_OPT_INT32, > > + DHCP_OPT_SINT32, > > +}; > > + > > +/** > > + * dhcp_opt_types - Maps option code to RFC 2132 value type, indexed by > code > > + */ > > +static const enum dhcp_opt_type dhcp_opt_types[] = { > > + [1] = DHCP_OPT_IPV4, /* Subnet Mask */ > > + [2] = DHCP_OPT_SINT32, /* Time Offset */ > > + [3] = DHCP_OPT_IPV4_LIST, /* Router */ > > + [4] = DHCP_OPT_IPV4_LIST, /* Time Server */ > > + [5] = DHCP_OPT_IPV4_LIST, /* Name Server */ > > + [6] = DHCP_OPT_IPV4_LIST, /* Domain Name Server */ > > + [7] = DHCP_OPT_IPV4_LIST, /* Log Server */ > > + [8] = DHCP_OPT_IPV4_LIST, /* Cookie Server */ > > + [9] = DHCP_OPT_IPV4_LIST, /* LPR Server */ > > + [10] = DHCP_OPT_IPV4_LIST, /* Impress Server */ > > + [11] = DHCP_OPT_IPV4_LIST, /* Resource Location Server */ > > + [12] = DHCP_OPT_STR, /* Host Name */ > > + [13] = DHCP_OPT_INT16, /* Boot File Size */ > > + [15] = DHCP_OPT_STR, /* Domain Name */ > > + [16] = DHCP_OPT_IPV4, /* Swap Server */ > > + [17] = DHCP_OPT_STR, /* Root Path */ > > + [19] = DHCP_OPT_INT8, /* IP Forwarding */ > > + [23] = DHCP_OPT_INT8, /* Default IP TTL */ > > + [26] = DHCP_OPT_INT16, /* Interface MTU */ > > + [28] = DHCP_OPT_IPV4, /* Broadcast Address */ > > + [37] = DHCP_OPT_INT8, /* TCP Default TTL */ > > + [38] = DHCP_OPT_INT32, /* TCP Keepalive Interval */ > > + [40] = DHCP_OPT_STR, /* NIS Domain Name */ > > + [41] = DHCP_OPT_IPV4_LIST, /* NIS Servers */ > > + [42] = DHCP_OPT_IPV4_LIST, /* NTP Servers */ > > + [44] = DHCP_OPT_IPV4_LIST, /* NetBIOS Name Server */ > > + [50] = DHCP_OPT_IPV4, /* Requested IP Address */ > > + [51] = DHCP_OPT_INT32, /* IP Address Lease Time */ > > + [53] = DHCP_OPT_INT8, /* DHCP Message Type */ > > + [54] = DHCP_OPT_IPV4, /* Server Identifier */ > > + [57] = DHCP_OPT_INT16, /* Max DHCP Message Size */ > > + [58] = DHCP_OPT_INT32, /* Renewal (T1) Time */ > > + [59] = DHCP_OPT_INT32, /* Rebinding (T2) Time */ > > + [60] = DHCP_OPT_STR, /* Vendor Class Identifier */ > > + [66] = DHCP_OPT_STR, /* TFTP Server Name */ > > + [67] = DHCP_OPT_STR, /* Bootfile Name */ > > + [252] = DHCP_OPT_STR, /* WPAD URL */ > > +}; > > + > > +/** > > + * dhcp_opt_parse() - Parse a DHCP option value > > + * @code: DHCP option code > > + * @str: Value string from command line > > + * @buf: Output buffer for binary value > > + * @buf_len: Size of output buffer > > + * > > + * Return: number of bytes written to @buf, or -1 on error > > + */ > > +int dhcp_opt_parse(uint8_t code, const char *str, > > + uint8_t *buf, size_t buf_len) > > +{ > > + enum dhcp_opt_type type; > > + unsigned long val; > > + unsigned int i; > > + uint8_t width; > > + size_t slen; > > + char *end; > > + int len; > > + > > + if (code >= ARRAY_SIZE(dhcp_opt_types)) > > + return -1; > > + > > + type = dhcp_opt_types[code]; > > + > > + if (!*str) > > + return -1; > > + > > + switch (type) { > > + case DHCP_OPT_NONE: > > + return -1; > > + case DHCP_OPT_IPV4: > > + case DHCP_OPT_IPV4_LIST: > > + len = 0; > > + > > + while (*str) { > > + char ipbuf[INET_ADDRSTRLEN]; > > + size_t chunk; > > + > > + chunk = strcspn(str, ","); > > + > > + if (!chunk || chunk >= sizeof(ipbuf)) > > + return -1; > > + > > + memcpy(ipbuf, str, chunk); > > + ipbuf[chunk] = '\0'; > > + > > + if (len + (int)sizeof(struct in_addr) > > (int)buf_len) > > Both sides are necessarily non-negative, so it would make more sense > to make len unsigned than to cast the other things to signed. > > > + return -1; > > + > > + if (inet_pton(AF_INET, ipbuf, buf + len) != 1) > > + return -1; > > + > > + len += sizeof(struct in_addr); > > + > > + if (type == DHCP_OPT_IPV4) { > > + if (str[chunk] == ',') > > + return -1; > > + break; > > + } > > + > > + str += chunk + (str[chunk] == ','); > > + } > > + > > + if (!len) > > + return -1; > > + > > + return len; > > + case DHCP_OPT_INT8: > > + case DHCP_OPT_INT16: > > + case DHCP_OPT_INT32: > > + case DHCP_OPT_SINT32: > > + if (type == DHCP_OPT_INT8) > > + width = 1; > > + else if (type == DHCP_OPT_INT16) > > + width = 2; > > + else > > + width = 4; > > + > > + if (buf_len < width) > > + return -1; > > + > > + errno = 0; > > + if (type == DHCP_OPT_SINT32) { > > + long sval; > > + > > + sval = strtol(str, &end, 0); > > + if (*end || errno || > > + sval < INT32_MIN || sval > INT32_MAX) > > + return -1; > > + val = (uint32_t)sval; > > + } else { > > + val = strtoul(str, &end, 0); > > + if (*end || errno || > > + val >= (1ULL << (width * 8))) > > + return -1; > > + } > > + > > + for (i = width; i > 0; i--) { > > + buf[i - 1] = val & 0xff; > > + val >>= 8; > > + } > > + > > + return width; > > + case DHCP_OPT_STR: > > + slen = strlen(str); > > + > > + if (slen >= buf_len) > > + return -1; > > + > > + memcpy(buf, str, slen); > > + > > + return slen; > > + } > > + > > + return -1; > > +} > > + > > /** > > * fill_one() - Fill a single option into a buffer > > * @buf: Buffer to write option > > @@ -541,6 +725,13 @@ int dhcp(const struct ctx *c, struct iov_tail *data) > > if (!c->no_dhcp_dns_search) > > opt_set_dns_search(c, OPT_MAX - 3); > > > > + for (i = 1; i < 255; i++) { > > + if (!c->dhcp_opts[i].str[0]) > > + continue; > > + opts[i].slen = dhcp_opt_parse(i, c->dhcp_opts[i].str, > > + opts[i].s, > sizeof(opts[i].s)); > > + } > > + > > /* RFC 2132, Section 9.5: put boot file name in the 'file' header > > * field. Suppress option 67 from the options area and reserve > > * the file field from overload. > > diff --git a/dhcp.h b/dhcp.h > > index cd50c99..cc8d5dd 100644 > > --- a/dhcp.h > > +++ b/dhcp.h > > @@ -8,5 +8,7 @@ > > > > int dhcp(const struct ctx *c, struct iov_tail *data); > > void dhcp_init(void); > > +int dhcp_opt_parse(uint8_t code, const char *str, > > + uint8_t *buf, size_t buf_len); > > > > #endif /* DHCP_H */ > > diff --git a/passt.1 b/passt.1 > > index 908fd4a..ccdcbb2 100644 > > --- a/passt.1 > > +++ b/passt.1 > > @@ -430,6 +430,48 @@ Send \fIname\fR as DHCP option 12 (hostname). > > FQDN to configure the client with. > > Send \fIname\fR as Client FQDN: DHCP option 81 and DHCPv6 option 39. > > > > +.TP > > +.BR \-\-dhcp-opt " " \fICODE\fR,\fIVALUE\fR > > +Set DHCP option \fICODE\fR (1\-254) to \fIVALUE\fR. The value format > depends > > +on the option type and is determined automatically from the option code. > > +Multiple IPv4 addresses are comma-separated. > > +This option can be specified multiple times. If the same option code is > > +given more than once, the last value wins. Options set with > > +\fB\-\-dhcp-opt\fR override built-in values. > > +.PP > > +Examples: > > +.nf > > + \-\-dhcp-opt 6,8.8.8.8,4.4.4.4 > > + \-\-dhcp-opt 12,myhostname > > +.fi > > +.PP > > +Only the following option codes are supported (unsupported codes cause > an error): > > +.RS > > +.TP > > +.B IPv4 address options > > +1 (Subnet Mask), 16 (Swap Server), 28 (Broadcast Address), 50 > (Requested IP), > > +54 (Server Identifier) > > +.TP > > +.B IPv4 address list options (comma-separated) > > +3 (Router), 4 (Time Server), 5 (Name Server), 6 (DNS), 7 (Log Server), > > +8 (Cookie Server), 9 (LPR Server), 10 (Impress Server), > > +11 (Resource Location Server), 41 (NIS Servers), > > +42 (NTP Servers), 44 (NetBIOS Name Server) > > +.TP > > +.B Integer options > > +2 (Time Offset, 32-bit), 13 (Boot File Size, 16-bit), 19 (IP > Forwarding, 8-bit), > > +23 (Default IP TTL, 8-bit), 26 (Interface MTU, 16-bit), > > +37 (TCP Default TTL, 8-bit), 38 (TCP Keepalive Interval, 32-bit), > > +51 (IP Address Lease Time, 32-bit), > > +53 (DHCP Message Type, 8-bit), 57 (Max DHCP Message Size, 16-bit), > > +58 (Renewal Time, 32-bit), 59 (Rebinding Time, 32-bit) > > +.TP > > +.B String options > > +12 (Host Name), 15 (Domain Name), 17 (Root Path), 40 (NIS Domain Name), > > +60 (Vendor Class Identifier), 66 (TFTP Server Name), > > +67 (Bootfile Name), 252 (WPAD URL) > > +.RE > > + > > .TP > > .BR \-t ", " \-\-tcp-ports " " \fIspec > > Configure TCP port forwarding to guest or namespace. \fIspec\fR can be > one of: > > diff --git a/passt.h b/passt.h > > index 3a07294..15e2d83 100644 > > --- a/passt.h > > +++ b/passt.h > > @@ -182,6 +182,8 @@ struct ip6_ctx { > > * @dns_search: DNS search list > > * @hostname: Guest hostname > > * @fqdn: Guest FQDN > > + * @dhcp_opts: User-specified DHCP options from --dhcp-opt > > + * @dhcp_opts.str: String value from command line > > * @ifi6: Template interface for IPv6, -1: none, 0: IPv6 > disabled > > * @ip6: IPv6 configuration > > * @pasta_ifn: Name of namespace interface for pasta > > @@ -264,6 +266,10 @@ struct ctx { > > char hostname[PASST_MAXDNAME]; > > char fqdn[PASST_MAXDNAME]; > > > > + struct { > > + char str[255]; > > + } dhcp_opts[256]; > > + > > int ifi6; > > struct ip6_ctx ip6; > > > > -- > > 2.54.0 > > > > -- > David Gibson (he or they) | I'll have my music baroque, and my code > david AT gibson.dropbear.id.au | minimalist, thank you, not the other way > | around. > http://www.ozlabs.org/~dgibson >