diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2020-08-12 13:11:39 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-08-12 13:11:39 -0400 |
| commit | 4ef4f522f9a2850e14a93186c647175685166d95 (patch) | |
| tree | 90533eb1d43bae0f7880210233148676ed976539 /libpod | |
| parent | 8e4842a14deff83cef7996e393cfc9fa932bfb30 (diff) | |
| parent | 95e73c65ae01a83658619083f218ae8ebdbef906 (diff) | |
| download | podman-4ef4f522f9a2850e14a93186c647175685166d95.tar.gz podman-4ef4f522f9a2850e14a93186c647175685166d95.tar.bz2 podman-4ef4f522f9a2850e14a93186c647175685166d95.zip | |
Merge pull request #7308 from hamzadis/slirp4netns-cidr
Add support for setting the CIDR when using slirp4netns
Diffstat (limited to 'libpod')
| -rw-r--r-- | libpod/networking_linux.go | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index ed8f82c46..6f266e5d6 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -171,6 +171,7 @@ type slirpFeatures struct { HasMTU bool HasEnableSandbox bool HasEnableSeccomp bool + HasCIDR bool HasOutboundAddr bool HasIPv6 bool } @@ -199,6 +200,7 @@ func checkSlirpFlags(path string) (*slirpFeatures, error) { HasMTU: strings.Contains(string(out), "--mtu"), HasEnableSandbox: strings.Contains(string(out), "--enable-sandbox"), HasEnableSeccomp: strings.Contains(string(out), "--enable-seccomp"), + HasCIDR: strings.Contains(string(out), "--cidr"), HasOutboundAddr: strings.Contains(string(out), "--outbound-addr"), HasIPv6: strings.Contains(string(out), "--enable-ipv6"), }, nil @@ -227,6 +229,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error { havePortMapping := len(ctr.Config().PortMappings) > 0 logPath := filepath.Join(ctr.runtime.config.Engine.TmpDir, fmt.Sprintf("slirp4netns-%s.log", ctr.config.ID)) + cidr := "" isSlirpHostForward := false disableHostLoopback := true enableIPv6 := false @@ -240,6 +243,12 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error { option, value := parts[0], parts[1] switch option { + case "cidr": + ipv4, _, err := net.ParseCIDR(value) + if err != nil || ipv4.To4() == nil { + return errors.Errorf("invalid cidr %q", value) + } + cidr = value case "port_handler": switch value { case "slirp4netns": @@ -309,6 +318,13 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error { cmdArgs = append(cmdArgs, "--enable-seccomp") } + if cidr != "" { + if !slirpFeatures.HasCIDR { + return errors.Errorf("cidr not supported") + } + cmdArgs = append(cmdArgs, fmt.Sprintf("--cidr=%s", cidr)) + } + if enableIPv6 { if !slirpFeatures.HasIPv6 { return errors.Errorf("enable_ipv6 not supported") |