diff options
| author | Kevin Krakauer <krakauer@google.com> | 2021-03-08 20:37:14 -0800 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2021-03-08 20:40:34 -0800 |
| commit | abbdcebc543242862fad0984db2db0a842021917 (patch) | |
| tree | 28e4dc26f8e7f862cc7e5a4112e1ca0b6d90c3dd /pkg/sentry/inet | |
| parent | 3c4485966c170850bb677efc88de4c0ecaac1358 (diff) | |
Implement /proc/sys/net/ipv4/ip_local_port_range
Speeds up the socket stress tests by a couple orders of magnitude.
PiperOrigin-RevId: 361721050
Diffstat (limited to 'pkg/sentry/inet')
| -rw-r--r-- | pkg/sentry/inet/inet.go | 8 | ||||
| -rw-r--r-- | pkg/sentry/inet/test_stack.go | 12 |
2 files changed, 20 insertions, 0 deletions
diff --git a/pkg/sentry/inet/inet.go b/pkg/sentry/inet/inet.go index f31277d30..6b71bd3a9 100644 --- a/pkg/sentry/inet/inet.go +++ b/pkg/sentry/inet/inet.go @@ -93,6 +93,14 @@ type Stack interface { // SetForwarding enables or disables packet forwarding between NICs. SetForwarding(protocol tcpip.NetworkProtocolNumber, enable bool) error + + // PortRange returns the UDP and TCP inclusive range of ephemeral ports + // used in both IPv4 and IPv6. + PortRange() (uint16, uint16) + + // SetPortRange sets the UDP and TCP IPv4 and IPv6 ephemeral port range + // (inclusive). + SetPortRange(start uint16, end uint16) error } // Interface contains information about a network interface. diff --git a/pkg/sentry/inet/test_stack.go b/pkg/sentry/inet/test_stack.go index 9ebeba8a3..03e2608c2 100644 --- a/pkg/sentry/inet/test_stack.go +++ b/pkg/sentry/inet/test_stack.go @@ -164,3 +164,15 @@ func (s *TestStack) SetForwarding(protocol tcpip.NetworkProtocolNumber, enable b s.IPForwarding = enable return nil } + +// PortRange implements inet.Stack.PortRange. +func (*TestStack) PortRange() (uint16, uint16) { + // Use the default Linux values per net/ipv4/af_inet.c:inet_init_net(). + return 32768, 28232 +} + +// SetPortRange implements inet.Stack.SetPortRange. +func (*TestStack) SetPortRange(start uint16, end uint16) error { + // No-op. + return nil +} |