From ce129ba5cb53c23ba7a538c467d310cf7d09eaa7 Mon Sep 17 00:00:00 2001
From: Nikolay Edigaryev
Date: Fri, 12 Aug 2022 17:50:10 +0300
Subject: [PATCH] Allow host communication (#7)

* Allow communication with host
* Clarify missing root privileges message
---
 lib/proxy/vm.rs | 12 +++++++-----
 src/main.rs | 2 +-
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/lib/proxy/vm.rs b/lib/proxy/vm.rs
index 0c5fe89..6dcb760 100644
--- a/lib/proxy/vm.rs
+++ b/lib/proxy/vm.rs
@@ -68,6 +68,11 @@ impl Proxy {
 }
 }
 
+ // Allow communication with host
+ if ipv4_pkt.dst_addr() == self.host.gateway_ip {
+ return Some(());
+ }
+
 if ipv4_pkt.protocol() == IpProtocol::Udp {
 let udp_pkt = UdpPacket::new_checked(ipv4_pkt.payload()).ok()?;
 
@@ -77,11 +82,8 @@ impl Proxy {
 return Some(());
 }
 
- // Allow DHCP communication with the bootpd(8) on host
- let allowed_dhcp_target =
- ipv4_pkt.dst_addr().is_broadcast() || ipv4_pkt.dst_addr() == self.host.gateway_ip;
-
- if udp_pkt.is_dhcp_request() && allowed_dhcp_target {
+ // Allow DHCP communication with the bootpd(8) on host via broadcast address
+ if udp_pkt.is_dhcp_request() && ipv4_pkt.dst_addr().is_broadcast() {
 return Some(());
 }
 }
diff --git a/src/main.rs b/src/main.rs
index ec6a307..dce5c67 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -92,7 +92,7 @@ fn try_main() -> Result<(), Box> {
 .exec();
 }
 
- return Err("root privileges are required to run".into());
+ return Err("root privileges are required to run and passwordless sudo was not available".into());
 }
 
 // Set bootpd(8) min/max lease time while still having the root privileges
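Review bot: In the first lib/proxy/vm.rs hunk, the new early return on `ipv4_pkt.dst_addr() == self.host.gateway_ip` accepts every guest packet addressed to the host, whatever the protocol or port, because it sits ahead of the `IpProtocol::Udp` branch. In the visible lines the only rule that previously named `gateway_ip` was the DHCP one, so any host service listening on that address is now reachable from the guest. If only a few services are meant to be reachable, keep a protocol/port allowlist here or put the blanket rule behind an explicit opt-in. At minimum the comment should record the trust decision, e.g. `// Guest may reach any host service bound to gateway_ip (all protocols and ports)`. The enclosing function starts and ends outside the hunk, so whether source-address validation runs before this return cannot be confirmed from here.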
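Review bot: In the second lib/proxy/vm.rs hunk, unicast DHCP to the gateway is no longer part of the condition and is now admitted only by the blanket `gateway_ip` rule added earlier in the function, a dependency the new comment does not mention. If that earlier rule is ever narrowed, unicast requests to bootpd(8) would stop matching here with nothing at this site pointing to the cause. I would extend the comment, e.g. `// Unicast DHCP to the gateway is admitted by the host rule above; only broadcast is handled here`. The enclosing block continues outside the hunk.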