Bug#1010498: RFP: passt -- Unprivileged user-mode network connectivity for virtual machines and containers

[Stefano Brivio <sbrivio@redhat.com>]

Package: wnpp
Severity: wishlist

* Package name    : passt
  Version         : 0+git-32210fb64f7d
  Upstream Author : Stefano Brivio <sbrivio@redhat.com>
* URL             : https://passt.top/
* License         : AGPL-3.0-or-later AND BSD-3-Clause
  Programming Lang: C
  Description     : user-mode networking daemons for virtual machines and containers

passt implements a translation layer between a Layer-2 network interface and
native Layer-4 sockets (TCP, UDP, ICMP/ICMPv6 echo) on a host. It doesn't
require any capabilities or privileges, and it can be used as a simple
replacement for Slirp.

pasta (same binary as passt, different command) offers equivalent functionality,
for network namespaces: traffic is forwarded using a tap interface inside the
namespace, without the need to create further interfaces on the host, hence not
requiring any capabilities or privileges.

This might become a dependency for other packages such as
libvirt and podman. Having it packaged in Debian would actually
favour adoption of this solution over libslirp/slirp4netns, which
provide a similar functionality but limited in many aspects, with
generally poorer performance and with a codebase that originates
from a very different purpose, that showed a number of security
issues in its long history.

I don't plan to maintain this package -- this is actually an RFP.

An example of Debian packaging files is available upstream at:
  https://passt.top/contrib/debian
including dh_apparmor rules for the example policy from:
  https://passt.top/passt/tree/contrib/apparmor