External/passt
1
0
Fork 0
mirror of https://passt.top/passt synced 2024-09-19 14:00:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

conf: Don't configure port forwarding for a disabled protocol

Browse Source 
UDP and/or TCP can be disabled with the --no-udp and --no-tcp options.
However, when this is specified, it's still possible to configure forwarded
ports for the disabled protocol.  In some cases this will open sockets and
perform other actions, which might not be safe since the entire protocol
won't be initialised.

Check for this case, and explicitly forbid it.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
David Gibson 2024-07-17 10:36:00 +10:00 committed by Stefano Brivio
parent a740e16fd1
commit f79c42317f
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
conf.c
View File

@ -132,6 +132,11 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg,
return; return;
} }
if ((optname == 't' || optname == 'T') && c->no_tcp)
die("TCP port forwarding requested but TCP is disabled");
if ((optname == 'u' || optname == 'U') && c->no_udp)
die("UDP port forwarding requested but UDP is disabled");
if (!strcmp(optarg, "auto")) { if (!strcmp(optarg, "auto")) {
if (fwd->mode) if (fwd->mode)
goto mode_conflict; goto mode_conflict;