mirror of
https://passt.top/passt
synced 2024-12-22 13:45:32 +00:00
icmp: Obtain destination addresses from the flowsides
icmp_sock_handler() obtains the guest address from it's most recently observed IP. However, this can now be obtained from the common flowside information. icmp_tap_handler() builds its socket address for sendto() directly from the destination address supplied by the incoming tap packet. This can instead be generated from the flow. Using the flowsides as the common source of truth here prepares us for allowing more flexible NAT and forwarding by properly initialising that flowside information. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
parent
5cffb1bf64
commit
6d76278c21
27
icmp.c
27
icmp.c
@ -127,11 +127,18 @@ void icmp_sock_handler(const struct ctx *c, union epoll_ref ref)
|
|||||||
flow_dbg(pingf, "echo reply to tap, ID: %"PRIu16", seq: %"PRIu16,
|
flow_dbg(pingf, "echo reply to tap, ID: %"PRIu16", seq: %"PRIu16,
|
||||||
ini->eport, seq);
|
ini->eport, seq);
|
||||||
|
|
||||||
if (pingf->f.type == FLOW_PING4)
|
if (pingf->f.type == FLOW_PING4) {
|
||||||
tap_icmp4_send(c, sr.sa4.sin_addr, tap_ip4_daddr(c), buf, n);
|
const struct in_addr *saddr = inany_v4(&ini->faddr);
|
||||||
else if (pingf->f.type == FLOW_PING6)
|
const struct in_addr *daddr = inany_v4(&ini->eaddr);
|
||||||
tap_icmp6_send(c, &sr.sa6.sin6_addr,
|
|
||||||
tap_ip6_daddr(c, &sr.sa6.sin6_addr), buf, n);
|
ASSERT(saddr && daddr); /* Must have IPv4 addresses */
|
||||||
|
tap_icmp4_send(c, *saddr, *daddr, buf, n);
|
||||||
|
} else if (pingf->f.type == FLOW_PING6) {
|
||||||
|
const struct in6_addr *saddr = &ini->faddr.a6;
|
||||||
|
const struct in6_addr *daddr = &ini->eaddr.a6;
|
||||||
|
|
||||||
|
tap_icmp6_send(c, saddr, daddr, buf, n);
|
||||||
|
}
|
||||||
return;
|
return;
|
||||||
|
|
||||||
unexpected:
|
unexpected:
|
||||||
@ -241,11 +248,12 @@ int icmp_tap_handler(const struct ctx *c, uint8_t pif, sa_family_t af,
|
|||||||
const void *saddr, const void *daddr,
|
const void *saddr, const void *daddr,
|
||||||
const struct pool *p, const struct timespec *now)
|
const struct pool *p, const struct timespec *now)
|
||||||
{
|
{
|
||||||
union sockaddr_inany sa = { .sa_family = af };
|
|
||||||
const socklen_t sl = af == AF_INET ? sizeof(sa.sa4) : sizeof(sa.sa6);
|
|
||||||
struct icmp_ping_flow *pingf, **id_sock;
|
struct icmp_ping_flow *pingf, **id_sock;
|
||||||
|
const struct flowside *tgt;
|
||||||
|
union sockaddr_inany sa;
|
||||||
size_t dlen, l4len;
|
size_t dlen, l4len;
|
||||||
uint16_t id, seq;
|
uint16_t id, seq;
|
||||||
|
socklen_t sl;
|
||||||
void *pkt;
|
void *pkt;
|
||||||
|
|
||||||
(void)saddr;
|
(void)saddr;
|
||||||
@ -266,7 +274,6 @@ int icmp_tap_handler(const struct ctx *c, uint8_t pif, sa_family_t af,
|
|||||||
id = ntohs(ih->un.echo.id);
|
id = ntohs(ih->un.echo.id);
|
||||||
id_sock = &icmp_id_map[V4][id];
|
id_sock = &icmp_id_map[V4][id];
|
||||||
seq = ntohs(ih->un.echo.sequence);
|
seq = ntohs(ih->un.echo.sequence);
|
||||||
sa.sa4.sin_addr = *(struct in_addr *)daddr;
|
|
||||||
} else if (af == AF_INET6) {
|
} else if (af == AF_INET6) {
|
||||||
const struct icmp6hdr *ih;
|
const struct icmp6hdr *ih;
|
||||||
|
|
||||||
@ -282,8 +289,6 @@ int icmp_tap_handler(const struct ctx *c, uint8_t pif, sa_family_t af,
|
|||||||
id = ntohs(ih->icmp6_identifier);
|
id = ntohs(ih->icmp6_identifier);
|
||||||
id_sock = &icmp_id_map[V6][id];
|
id_sock = &icmp_id_map[V6][id];
|
||||||
seq = ntohs(ih->icmp6_sequence);
|
seq = ntohs(ih->icmp6_sequence);
|
||||||
sa.sa6.sin6_addr = *(struct in6_addr *)daddr;
|
|
||||||
sa.sa6.sin6_scope_id = c->ifi6;
|
|
||||||
} else {
|
} else {
|
||||||
ASSERT(0);
|
ASSERT(0);
|
||||||
}
|
}
|
||||||
@ -292,8 +297,10 @@ int icmp_tap_handler(const struct ctx *c, uint8_t pif, sa_family_t af,
|
|||||||
if (!(pingf = icmp_ping_new(c, id_sock, af, id, saddr, daddr)))
|
if (!(pingf = icmp_ping_new(c, id_sock, af, id, saddr, daddr)))
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
|
tgt = &pingf->f.side[TGTSIDE];
|
||||||
pingf->ts = now->tv_sec;
|
pingf->ts = now->tv_sec;
|
||||||
|
|
||||||
|
pif_sockaddr(c, &sa, &sl, PIF_HOST, &tgt->eaddr, 0);
|
||||||
if (sendto(pingf->sock, pkt, l4len, MSG_NOSIGNAL, &sa.sa, sl) < 0) {
|
if (sendto(pingf->sock, pkt, l4len, MSG_NOSIGNAL, &sa.sa, sl) < 0) {
|
||||||
flow_dbg(pingf, "failed to relay request to socket: %s",
|
flow_dbg(pingf, "failed to relay request to socket: %s",
|
||||||
strerror(errno));
|
strerror(errno));
|
||||||
|
11
tap.c
11
tap.c
@ -90,17 +90,6 @@ void tap_send_single(const struct ctx *c, const void *data, size_t l2len)
|
|||||||
tap_send_frames(c, iov, iovcnt, 1);
|
tap_send_frames(c, iov, iovcnt, 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* tap_ip4_daddr() - Normal IPv4 destination address for inbound packets
|
|
||||||
* @c: Execution context
|
|
||||||
*
|
|
||||||
* Return: IPv4 address
|
|
||||||
*/
|
|
||||||
struct in_addr tap_ip4_daddr(const struct ctx *c)
|
|
||||||
{
|
|
||||||
return c->ip4.addr_seen;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* tap_ip6_daddr() - Normal IPv6 destination address for inbound packets
|
* tap_ip6_daddr() - Normal IPv6 destination address for inbound packets
|
||||||
* @c: Execution context
|
* @c: Execution context
|
||||||
|
1
tap.h
1
tap.h
@ -43,7 +43,6 @@ static inline void tap_hdr_update(struct tap_hdr *thdr, size_t l2len)
|
|||||||
thdr->vnet_len = htonl(l2len);
|
thdr->vnet_len = htonl(l2len);
|
||||||
}
|
}
|
||||||
|
|
||||||
struct in_addr tap_ip4_daddr(const struct ctx *c);
|
|
||||||
void tap_udp4_send(const struct ctx *c, struct in_addr src, in_port_t sport,
|
void tap_udp4_send(const struct ctx *c, struct in_addr src, in_port_t sport,
|
||||||
struct in_addr dst, in_port_t dport,
|
struct in_addr dst, in_port_t dport,
|
||||||
const void *in, size_t dlen);
|
const void *in, size_t dlen);
|
||||||
|
Loading…
Reference in New Issue
Block a user