From 7722b582b4f09df64fb55e3ab9669392754ce75c Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Thu, 16 Jul 2020 12:26:36 +0200 Subject: network, slirp4netns: add option to allow host loopback Closes: https://github.com/containers/podman/issues/6912 Signed-off-by: Giuseppe Scrivano --- libpod/networking_linux.go | 7 ++++++- test/e2e/run_networking_test.go | 6 ++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 9be8e0b14..8b08d3d5f 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -224,6 +224,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error { logPath := filepath.Join(ctr.runtime.config.Engine.TmpDir, fmt.Sprintf("slirp4netns-%s.log", ctr.config.ID)) isSlirpHostForward := false + disableHostLoopback := true if ctr.config.NetworkOptions != nil { slirpOptions := ctr.config.NetworkOptions["slirp4netns"] for _, o := range slirpOptions { @@ -232,6 +233,10 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error { isSlirpHostForward = true case "port_handler=rootlesskit": isSlirpHostForward = false + case "allow_host_loopback=true": + disableHostLoopback = false + case "allow_host_loopback=false": + disableHostLoopback = true default: return errors.Errorf("unknown option for slirp4netns: %q", o) @@ -244,7 +249,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error { if err != nil { return errors.Wrapf(err, "error checking slirp4netns binary %s: %q", path, err) } - if slirpFeatures.HasDisableHostLoopback { + if disableHostLoopback && slirpFeatures.HasDisableHostLoopback { cmdArgs = append(cmdArgs, "--disable-host-loopback") } if slirpFeatures.HasMTU { diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go index 50937a10b..93057f428 100644 --- a/test/e2e/run_networking_test.go +++ b/test/e2e/run_networking_test.go @@ -244,6 +244,12 @@ var _ = Describe("Podman run networking", func() { Expect(session.ExitCode()).To(Not(Equal(0))) }) + It("podman run slirp4netns network with host loopback", func() { + session := podmanTest.Podman([]string{"run", "--network", "slirp4netns:allow_host_loopback=true", ALPINE, "ping", "-c1", "10.0.2.2"}) + session.Wait(30) + Expect(session.ExitCode()).To(Equal(0)) + }) + It("podman run network expose ports in image metadata", func() { session := podmanTest.Podman([]string{"create", "-dt", "-P", nginx}) session.Wait(90) -- cgit v1.2.3-54-g00ecf