Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for SO_ORIGINAL_DST and IP6T_SO_ORIGINAL_DST. #360

Merged
merged 4 commits into from
Dec 5, 2022
Merged

Add support for SO_ORIGINAL_DST and IP6T_SO_ORIGINAL_DST. #360

merged 4 commits into from
Dec 5, 2022

Conversation

PiotrSikora
Copy link
Contributor

Those values contain the original destination IPv4/IPv6 address
of the connection redirected using iptables REDIRECT or TPROXY.

Signed-off-by: Piotr Sikora [email protected]

@PiotrSikora
Add support for SO_ORIGINAL_DST and IP6T_SO_ORIGINAL_DST.
850f5e7 
Those values contain the original destination IPv4/IPv6 address
of the connection redirected using iptables REDIRECT or TPROXY.

Signed-off-by: Piotr Sikora <[email protected]>
@PiotrSikora PiotrSikora mentioned this pull request Dec 1, 2022
Merged
Thomasdezeeuw
Thomasdezeeuw reviewed Dec 2, 2022
View reviewed changes
src/sys/unix.rs Outdated Show resolved Hide resolved
@Thomasdezeeuw
Copy link
Collaborator

Could also add a test, even if it's ignored by default.

@PiotrSikora
Copy link
Contributor Author

Could also add a test, even if it's ignored by default.

Done.

Thomasdezeeuw
Thomasdezeeuw approved these changes Dec 4, 2022
View reviewed changes
tests/socket.rs
fn original_dst() {
let socket = Socket::new(Domain::IPV4, Type::STREAM, None).unwrap();
match socket.original_dst() {
Ok(_) => panic!("original_dst on non-redirected socket should fail"),
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How difficult would it be to add a test that successfully retrieved the address?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You'd need to configure iptables redirect in the operating system, which seems invasive for a test of the bindings.

@Thomasdezeeuw Thomasdezeeuw merged commit 05ca989 into rust-lang:master Dec 5, 2022
@Thomasdezeeuw
Copy link
Collaborator

Thanks @PiotrSikora.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Thomasdezeeuw Thomasdezeeuw Thomasdezeeuw approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@PiotrSikora @Thomasdezeeuw