From 7722b582b4f09df64fb55e3ab9669392754ce75c Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Thu, 16 Jul 2020 12:26:36 +0200
Subject: network, slirp4netns: add option to allow host loopback

Closes: https://github.com/containers/podman/issues/6912

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 libpod/networking_linux.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'libpod/networking_linux.go')

diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index 9be8e0b14..8b08d3d5f 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -224,6 +224,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error {
 	logPath := filepath.Join(ctr.runtime.config.Engine.TmpDir, fmt.Sprintf("slirp4netns-%s.log", ctr.config.ID))
 
 	isSlirpHostForward := false
+	disableHostLoopback := true
 	if ctr.config.NetworkOptions != nil {
 		slirpOptions := ctr.config.NetworkOptions["slirp4netns"]
 		for _, o := range slirpOptions {
@@ -232,6 +233,10 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error {
 				isSlirpHostForward = true
 			case "port_handler=rootlesskit":
 				isSlirpHostForward = false
+			case "allow_host_loopback=true":
+				disableHostLoopback = false
+			case "allow_host_loopback=false":
+				disableHostLoopback = true
 			default:
 				return errors.Errorf("unknown option for slirp4netns: %q", o)
 
@@ -244,7 +249,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error {
 	if err != nil {
 		return errors.Wrapf(err, "error checking slirp4netns binary %s: %q", path, err)
 	}
-	if slirpFeatures.HasDisableHostLoopback {
+	if disableHostLoopback && slirpFeatures.HasDisableHostLoopback {
 		cmdArgs = append(cmdArgs, "--disable-host-loopback")
 	}
 	if slirpFeatures.HasMTU {
-- 
cgit v1.2.3-54-g00ecf