Currently -[tTuU] all is handled separately in conf_ports() before calling
conf_ports_spec(). Earlier changes mean we can now move this handling to
conf_ports_spec(). This makes the code slightly simpler, but more
importantly it allows some useful combinations we couldn't previously do,
such as
-t 127.0.0.1/all
or
-u %eth2/all
Signed-off-by: David Gibson
---
conf.c | 25 ++++++++++---------------
passt.1 | 28 ++++++++++++++++++++--------
2 files changed, 30 insertions(+), 23 deletions(-)
diff --git a/conf.c b/conf.c
index 5d6517c3..f62109b5 100644
--- a/conf.c
+++ b/conf.c
@@ -251,6 +251,11 @@ static void conf_ports_spec(const struct ctx *c,
const char *p, *ep;
unsigned i;
+ if (!strcmp(spec, "all")) {
+ /* Treat "all" as equivalent to "": all non-ephemeral ports */
+ spec = "";
+ }
+
/* Mark all exclusions first, they might be given after base ranges */
for_each_chunk(p, ep, spec, ",") {
struct port_range xrange;
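Review bot: The new `all` branch only rewrites `spec` to `""`, whereas the block removed from conf_ports() in the next hunk built the ephemeral-port exclusion with fwd_port_map_ephemeral() and passed FWD_WEAK explicitly. Whether the empty-spec path still does both is decided in the part of conf_ports_spec() outside this hunk, so it is worth confirming. passt.1 still promises that ephemeral ports are not forwarded and that unavailable ports are skipped without an error. If that holds, the comment could record it: `/* "all" == "": all non-ephemeral ports, bound weakly as the old conf_ports() branch did */`. The strcmp() match is exact, so a mixed list such as `all,~22` presumably falls through to the range parser rather than meaning "all except 22"; the comment or usage text could say that as well.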
@@ -372,19 +377,6 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg,
return;
}
- if (!strcmp(optarg, "all")) {
- uint8_t exclude[PORT_BITMAP_SIZE] = { 0 };
-
- /* Exclude ephemeral ports */
- fwd_port_map_ephemeral(exclude);
-
- conf_ports_range_except(c, optname, optarg, fwd,
- proto, NULL, NULL,
- 1, NUM_PORTS - 1, exclude,
- 1, FWD_WEAK);
- return;
- }
-
strncpy(buf, optarg, sizeof(buf) - 1);
if ((spec = strchr(buf, '/'))) {
@@ -1039,14 +1031,17 @@ static void usage(const char *name, FILE *f, int status)
" can be specified multiple times\n"
" SPEC can be:\n"
" 'none': don't forward any ports\n"
- " 'all': forward all unbound, non-ephemeral ports\n"
"%s"
" [ADDR[%%IFACE]/]PORTS: forward specific ports\n"
- " PORTS is a comma-separated list of ports, optionally\n"
+ " PORTS is either 'all' (forward all unbound, non-ephemeral\n"
+ " ports), or a comma-separated list of ports, optionally\n"
" ranged with '-' and optional target ports after ':'.\n"
" Ranges can be reduced by excluding ports or ranges\n"
" prefixed by '~'\n"
" Examples:\n"
+ " -t all Forward all ports\n"
+ " -t 127.0.0.1/all Forward all ports from local address\n"
+ " 127.0.0.1\n"
" -t 22 Forward local port 22 to 22 on %s\n"
" -t 22:23 Forward local port 22 to 23 on %s\n"
" -t 22,25 Forward ports 22, 25 to ports 22, 25\n"
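Review bot: The two added examples say "Forward all ports", which overstates what `all` does. The PORTS description a few lines above, and the passt.1 examples in this same patch, limit it to unbound, non-ephemeral ports. This text is where an operator learns how much a single flag exposes, so the examples should carry the same qualifier, e.g. `" -t all Forward all unbound, non-ephemeral ports\n"`, and likewise for the `127.0.0.1/all` line. The usage() string continues outside the hunk.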
diff --git a/passt.1 b/passt.1
index d329f8f0..3ba447d5 100644
--- a/passt.1
+++ b/passt.1
@@ -434,12 +434,6 @@ Configure TCP port forwarding to guest or namespace. \fIspec\fR can be one of:
.BR none
Don't forward any ports
-.TP
-.BR all
-Forward all unbound, non-ephemeral ports, as permitted by current capabilities.
-For low (< 1024) ports, see \fBNOTES\fR. No failures are reported for
-unavailable ports, unless no ports could be forwarded at all.
-
.TP
.BR auto " " (\fBpasta\fR " " only)
Dynamically forward ports bound in the namespace. The list of ports is
@@ -449,10 +443,20 @@ periodically derived (every second) from listening sockets reported by
.TP
[\fIaddress\fR[\fB%\fR\fIinterface\fR]\fB/\fR]\fIports\fR ...
Specific ports to forward. Optionally, a specific listening address
-and interface name (since Linux 5.7) can be specified. \fIports\fR is
-a comma-separated list of entries which may be any of:
+and interface name (since Linux 5.7) can be specified. \fIports\fR
+may be either:
.RS
.TP
+\fBall\fR
+Forward all unbound, non-ephemeral ports, as permitted by current
+capabilities. For low (< 1024) ports, see \fBNOTES\fR. No failures
+are reported for unavailable ports, unless no ports could be forwarded
+at all.
+.RE
+
+.RS
+or a comma-separated list of entries which may be any of:
+.TP
\fIfirst\fR[\fB-\fR\fIlast\fR][\fB:\fR\fItofirst\fR[\fB-\fR\fItolast\fR]]
Include range. Forward port numbers between \fIfirst\fR and \fIlast\fR
(inclusive) to ports between \fItofirst\fR and \fItolast\fR. If
@@ -473,6 +477,14 @@ unavailable ports, unless no ports could be forwarded at all.
Examples:
.RS
.TP
+-t all
+Forward all unbound, non-ephemeral ports as permitted by current
+capabilities to the corresponding port on the guest or namespace
+.TP
+-t 127.0.0.1/all
+For the local address 127.0.0.1, forward all unbound, non-ephemeral
+ports as permitted by current capabilities.
+.TP
-t 22
Forward local port 22 to port 22 on the guest or namespace
.TP
--
2.53.0