From 72e4efbfa6075d620088447d678cd9eb594a0d60 Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Wed, 17 Dec 2025 09:35:40 +0100
Subject: [PATCH] network: Introduce port for DNS forwarder

In the <dns/> section of network configuration users can set up
forwarding of DNS requests to custom DNS servers. These are
specified using 'addr' attribute. But configuring port wasn't
possible, until now. New 'port' attribute is introduced, which
allows overriding the default DNS port for given address.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
---
 docs/formatnetwork.rst                        |  8 +++--
 src/conf/network_conf.c                       | 36 +++++++++++++++----
 src/conf/schemas/network.rng                  |  5 +++
 .../nat-network-dns-forwarders.xml            |  2 +-
 .../nat-network-dns-forwarders.xml            |  2 +-
 5 files changed, 42 insertions(+), 11 deletions(-)

diff --git a/docs/formatnetwork.rst b/docs/formatnetwork.rst
index 6694a145af..12468c276e 100644
--- a/docs/formatnetwork.rst
+++ b/docs/formatnetwork.rst
@@ -695,7 +695,7 @@ of 'route' or 'nat'.
    <dns>
      <txt name="example" value="example value"/>
      <forwarder addr="8.8.8.8"/>
-     <forwarder domain='example.com' addr="8.8.4.4"/>
+     <forwarder domain='example.com' addr='8.8.4.4' port='1234'/>
      <forwarder domain='www.example.com'/>
      <srv service='name' protocol='tcp' domain='test-domain-name' target='.'
        port='1024' priority='10' weight='10'/>
@@ -762,8 +762,10 @@ of 'route' or 'nat'.
       will be resolved locally (or via the host's standard DNS forwarding if
       they can't be resolved locally). If an ``addr`` is specified by itself,
       then all DNS requests to the network's DNS server will be forwarded to the
-      DNS server at that address with no exceptions. ``addr`` :since:`Since
-      1.1.3` , ``domain`` :since:`Since 2.2.0`.
+      DNS server at that address with no exceptions. Optionally, the ``port``
+      attribute can be given among with ``addr`` to specify a nonstandard
+      port of the DNS server.  ``addr`` :since:`Since 1.1.3`, ``domain``
+      :since:`Since 2.2.0`, ``port`` :since:`Since 12.0.0`.
    ``txt``
       A ``dns`` element can have 0 or more ``txt`` elements. Each txt element
       defines a DNS TXT record and has two attributes, both required: a name
diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c
index 8cd26de72f..fe44fd28c3 100644
--- a/src/conf/network_conf.c
+++ b/src/conf/network_conf.c
@@ -901,12 +901,32 @@ virNetworkDNSDefParseXML(const char *networkName,
         for (i = 0; i < nfwds; i++) {
             g_autofree char *addr = virXMLPropString(fwdNodes[i], "addr");
 
-            if (addr && virSocketAddrParse(&def->forwarders[i].addr,
-                                           addr, AF_UNSPEC) < 0) {
-                virReportError(VIR_ERR_XML_ERROR,
-                               _("Invalid forwarder IP address '%1$s' in network '%2$s'"),
-                               addr, networkName);
-                return -1;
+            if (addr) {
+                int port = -1;
+                int rc;
+
+                if (virSocketAddrParse(&def->forwarders[i].addr,
+                                       addr, AF_UNSPEC) < 0) {
+                    virReportError(VIR_ERR_XML_ERROR,
+                                   _("Invalid forwarder IP address '%1$s' in network '%2$s'"),
+                                   addr, networkName);
+                    return -1;
+                }
+
+                if ((rc = virXMLPropInt(fwdNodes[i], "port", 10,
+                                        VIR_XML_PROP_NONZERO |
+                                        VIR_XML_PROP_NONNEGATIVE,
+                                        &port, -1)) < 0) {
+                    return -1;
+                } else if (rc > 0) {
+                    if (port > 65535) {
+                        virReportError(VIR_ERR_INVALID_ARG,
+                                       _("port '%1$d' out of range"), port);
+                        return -1;
+                    }
+
+                    virSocketAddrSetPort(&def->forwarders[i].addr, port);
+                }
             }
             def->forwarders[i].domain = virXMLPropString(fwdNodes[i], "domain");
             if (!(addr || def->forwarders[i].domain)) {
@@ -1986,11 +2006,15 @@ virNetworkDNSDefFormat(virBuffer *buf,
         }
         if (VIR_SOCKET_ADDR_VALID(&def->forwarders[i].addr)) {
             g_autofree char *addr = virSocketAddrFormat(&def->forwarders[i].addr);
+            int port = virSocketAddrGetPort(&def->forwarders[i].addr);
 
             if (!addr)
                 return -1;
 
             virBufferAsprintf(buf, " addr='%s'", addr);
+
+            if (port > 0)
+                virBufferAsprintf(buf, " port='%d'", port);
         }
         virBufferAddLit(buf, "/>\n");
     }
diff --git a/src/conf/schemas/network.rng b/src/conf/schemas/network.rng
index b7c8551fad..2bd67c3e41 100644
--- a/src/conf/schemas/network.rng
+++ b/src/conf/schemas/network.rng
@@ -287,6 +287,11 @@
                   <optional>
                     <attribute name="domain"><ref name="dnsName"/></attribute>
                   </optional>
+                  <optional>
+                    <attribute name="port">
+                      <ref name="port"/>
+                    </attribute>
+                  </optional>
                   <empty/>
                 </element>
               </zeroOrMore>
diff --git a/tests/networkxml2xmlin/nat-network-dns-forwarders.xml b/tests/networkxml2xmlin/nat-network-dns-forwarders.xml
index 426dd45cd9..dd22b686ab 100644
--- a/tests/networkxml2xmlin/nat-network-dns-forwarders.xml
+++ b/tests/networkxml2xmlin/nat-network-dns-forwarders.xml
@@ -6,7 +6,7 @@
   <dns>
     <forwarder addr='8.8.8.8'/>
     <forwarder addr='8.8.4.4'/>
-    <forwarder domain='example.com' addr='192.168.1.1'/>
+    <forwarder domain='example.com' addr='192.168.1.1' port='1234'/>
     <forwarder domain='www.example.com'/>
   </dns>
   <ip address='192.168.122.1' netmask='255.255.255.0'>
diff --git a/tests/networkxml2xmlout/nat-network-dns-forwarders.xml b/tests/networkxml2xmlout/nat-network-dns-forwarders.xml
index c05ad5514d..e03912750c 100644
--- a/tests/networkxml2xmlout/nat-network-dns-forwarders.xml
+++ b/tests/networkxml2xmlout/nat-network-dns-forwarders.xml
@@ -8,7 +8,7 @@
   <dns>
     <forwarder addr='8.8.8.8'/>
     <forwarder addr='8.8.4.4'/>
-    <forwarder domain='example.com' addr='192.168.1.1'/>
+    <forwarder domain='example.com' addr='192.168.1.1' port='1234'/>
     <forwarder domain='www.example.com'/>
   </dns>
   <ip address='192.168.122.1' netmask='255.255.255.0'>
-- 
2.47.3