Diffstat (limited to 'libpod/networking_common.go')
-rw-r--r-- | libpod/networking_common.go | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/libpod/networking_common.go b/libpod/networking_common.go
new file mode 100644
index 000000000..a49a4c53c
--- /dev/null
+++ b/libpod/networking_common.go
@@ -0,0 +1,42 @@
+//go:build linux || freebsd
+// +build linux freebsd
+
+package libpod
+
+import (
+ "github.com/containers/common/libnetwork/types"
+ "github.com/containers/common/pkg/machine"
+)
+
+// convertPortMappings will remove the HostIP part from the ports when running inside podman machine.
+// This is need because a HostIP of 127.0.0.1 would now allow the gvproxy forwarder to reach to open ports.
+// For machine the HostIP must only be used by gvproxy and never in the VM.
+func (c *Container) convertPortMappings() []types.PortMapping {
+ if !machine.IsGvProxyBased() || len(c.config.PortMappings) == 0 {
+ return c.config.PortMappings
+ }
+ // if we run in a machine VM we have to ignore the host IP part
+ newPorts := make([]types.PortMapping, 0, len(c.config.PortMappings))
+ for _, port := range c.config.PortMappings {
+ port.HostIP = ""
+ newPorts = append(newPorts, port)
+ }
+ return newPorts
+}
+
+func (c *Container) getNetworkOptions(networkOpts map[string]types.PerNetworkOptions) types.NetworkOptions {
+ opts := types.NetworkOptions{
+ ContainerID: c.config.ID,
+ ContainerName: getCNIPodName(c),
+ }
+ opts.PortMappings = c.convertPortMappings()
+
+ // If the container requested special network options use this instead of the config.
+ // This is the case for container restore or network reload.
+ if c.perNetworkOpts != nil {
+ opts.Networks = c.perNetworkOpts
+ } else {
+ opts.Networks = networkOpts
+ }
+ return opts
+} |
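Review bot: The doc comment on convertPortMappings says `would now allow the gvproxy forwarder`, which inverts the intended meaning; it should read `This is needed because a HostIP of 127.0.0.1 would not allow the gvproxy forwarder to reach the open ports.` Because the function clears HostIP, a mapping the user restricted to a single address such as 127.0.0.1 is presumably no longer restricted inside the VM. The comment should say so explicitly and state that the requested bind address is enforced only by gvproxy on the host side, so the VM's own interfaces must not be treated as a trust boundary for these ports. getNetworkOptions also has no doc comment; `// getNetworkOptions builds the NetworkOptions for this container, using c.perNetworkOpts instead of networkOpts when it is set.` would cover it.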