On Sun, Oct 12, 2025 at 03:33:33PM -0400, Jon Maloy wrote:
When communicating with remote hosts on the local network, some guest applications want to see the real MAC address of that host instead of PASST/PASTA's own tap address. The flow_common structure is a convenient location for storing that address, so we do that in this commit.
Note that we don´t add actual usage of this address here, that will be done in later commits.
Signed-off-by: Jon Maloy
Reviewed-by: David Gibson
--- v3: - Moved the remote host macaddress from struct flowside to struct flow_common. I chose to call it 'omac' as suggested by David, although in my understanding the correct name would be 'emac'. (In general I find the address naming scheme confusing.) - Adapted to new signature of function nl_mac_get(), now passing it the index of the template interface. v4: - Renamed flow_commeon->omac to flow_common->tap_omac to make is role in the code clearer v5: - Modified the criteria for ARP/NDP table lookup like in the previous commits. - Removed the PIF_TAP lookup case, as David suggested, and did instead give the flow->tap_omac field a value marking it as non-initialized. - Calling the cache table instead of netlink for ARP/NDP lookup. - Unconditionally using the potentially translated IP address in the lookup, instead of only if NAT really was applied. v6: - Using MAC_ZERO instead of own definitions v12:- Using MAC_UNDEF (==ff:ff:ff:ff:ff:ff) instead of MAC_ZERO, which is a legal MAC address. v13: - Removed call to nat_outbound() before MAC resolution, as we are now handling guest-side visible addresses only. - Using tgt->oaddr instead of ini->eaddr as lookup key for fwd_neigh_mac_get(), for the same reason as above. --- flow.c | 2 ++ flow.h | 2 ++ util.h | 2 ++ 3 files changed, 6 insertions(+)
diff --git a/flow.c b/flow.c index feefda3..a57d7b9 100644 --- a/flow.c +++ b/flow.c @@ -449,6 +449,7 @@ struct flowside *flow_target(const struct ctx *c, union flow *flow,
switch (f->pif[INISIDE]) { case PIF_TAP: + memcpy(f->tap_omac, MAC_UNDEF, ETH_ALEN); tgtpif = fwd_nat_from_tap(c, proto, ini, tgt); break;
@@ -458,6 +459,7 @@ struct flowside *flow_target(const struct ctx *c, union flow *flow,
case PIF_HOST: tgtpif = fwd_nat_from_host(c, proto, ini, tgt); + fwd_neigh_mac_get(c, &tgt->oaddr, f->tap_omac); break;
default: diff --git a/flow.h b/flow.h index cac618a..f342895 100644 --- a/flow.h +++ b/flow.h @@ -177,6 +177,7 @@ int flowside_connect(const struct ctx *c, int s, * @type: Type of packet flow * @pif[]: Interface for each side of the flow * @side[]: Information for each side of the flow + * @tap_omac: MAC address of remote endpoint as seen from the guest */ struct flow_common { #ifdef __GNUC__ @@ -192,6 +193,7 @@ struct flow_common { #endif uint8_t pif[SIDES]; struct flowside side[SIDES]; + uint8_t tap_omac[6]; };
#define FLOW_INDEX_BITS 17 /* 128k - 1 */ diff --git a/util.h b/util.h index 22eaac5..6fc8f5d 100644 --- a/util.h +++ b/util.h @@ -101,6 +101,8 @@ void abort_with_msg(const char *fmt, ...) ((uint8_t [ETH_ALEN]){ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }) #define MAC_ZERO ((uint8_t [ETH_ALEN]){ 0 }) #define MAC_IS_ZERO(addr) (!memcmp((addr), MAC_ZERO, ETH_ALEN)) +#define MAC_UNDEF MAC_BROADCAST +#define MAC_IS_UNDEF(addr) (!memcmp((addr), MAC_UNDEF, ETH_ALEN))
#ifndef __bswap_constant_16 #define __bswap_constant_16(x) \ -- 2.50.1
-- David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson