Add support for IP_LOCAL_PORT_RANGE socket option. #81483
Conversation
subsys/net/ip/Kconfig
Outdated
| bool "Allow clamping down the global local port range for net_context" | ||
| depends on NET_UDP || NET_TCP | ||
| help | ||
| Set or get the per-context default local port range. This |
There was a problem hiding this comment.
| Set or get the per-context default local port range. This | |
| Set or get the per-context default local port range. This |
subsys/net/ip/net_context.c
Outdated
| * then we use the range. Also make sure that upper is | ||
| * greater than lower. | ||
| */ | ||
| if (upper == 0 || lower == 0 || upper < lower) { |
There was a problem hiding this comment.
If upper is supposed to be greater than lower, then we should check for upper <= lower here, right?
There was a problem hiding this comment.
But then we would not be able to have a range of one port number. That would probably not be very practical but I suppose it could be done.
There was a problem hiding this comment.
Well, in that case, if we want to allow single-number ranges, then we have some inconsistencies in the docs. The net context documentation says:
* The lower bound has to be less than the upper bound when
* both bounds are not zero
Also the comment just above the check says:
* then we use the range. Also make sure that upper is
* greater than lower.
And finally, when verifying range in check_used_port() we check:
if (upper != 0 && lower != 0 && lower < upper) {
All those assume that lower and upper bounds should not be equal.
To be fair, either approach works for me (although if one wanted to use a specific port, he could simply bind to it), just need to be consistent.
There was a problem hiding this comment.
Good point, I think we need to stick with what the doc says as it is copied from Linux. I will fix the checks.
subsys/net/ip/net_context.c
Outdated
| } while (check_used_port(context, NULL, net_context_get_proto(context), | ||
| htons(local_port), addr, false, false) == -EEXIST); | ||
| htons(local_port), addr, false, false, false) == -EEXIST); |
There was a problem hiding this comment.
A bit tricky, but what if someone sets a short range and all of the ports within the range get used - we may spin here indefinitely then? Maybe we should add some retry counter?
There was a problem hiding this comment.
Good point, I will figure out some fix for that.
Add support for IP_LOCAL_PORT_RANGE socket option. The option supports both IPv4 and IPv6 sockets although the type is IPPROTO_IP. The option can be used to enforce the ephemeral port number selection to be in certain range. Signed-off-by: Jukka Rissanen <[email protected]>
Make sure that the IP_LOCAL_PORT_RANGE socket option works as expected. Signed-off-by: Jukka Rissanen <[email protected]>
jukkar
force-pushed
the
devel/support-port-range-selection
branch
from
39600f8
to
001c71e
Compare
|
Add support for
IP_LOCAL_PORT_RANGEsocket option. The option supports both IPv4 and IPv6 sockets although the type isIPPROTO_IP.The option can be used to enforce the ephemeral port number selection to be in certain range.