conf: Allow binding to ports on an interface without a specific address

Somebody might want to bind listening sockets to a specific
interface, but not a specific address, and there isn't really a
reason to prevent that. For example:

  -t %eth0/2022

Alternatively, we support options such as -t 0.0.0.0%eth0/2022 and
-t ::%eth0/2022, but not together, for the same port.

Enable this kind of syntax and add examples to the man page.

Reported-by: Paul Holzinger <pholzing@redhat.com>
Link: https://github.com/containers/podman/issues/14425#issuecomment-1485192195
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Stefano Brivio 2023-03-27 19:35:26 +02:00
parent 33d88f79d9
commit 98a9a7d9e5
2 changed files with 9 additions and 1 deletions

4
conf.c

@ -263,7 +263,9 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg,
ifname++; ifname++;
} }
if (inet_pton(AF_INET, buf, addr)) if (ifname == buf + 1) /* Interface without address */
addr = NULL;
else if (inet_pton(AF_INET, buf, addr))
af = AF_INET; af = AF_INET;
else if (inet_pton(AF_INET6, buf, addr)) else if (inet_pton(AF_INET6, buf, addr))
af = AF_INET6; af = AF_INET6;
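Review bot: The new `if (ifname == buf + 1)` branch sets `addr = NULL` but, unlike the two `inet_pton()` branches below it, does not assign `af`, so the address family used for `-t %eth0/2022` depends on whatever `af` holds on entry to this chain, which the hunk does not show. Please assign it explicitly in this branch (or extend the comment to say which initial value is relied on), so it is clear from the code whether an interface-only spec listens on IPv4, IPv6 or both. Since `addr == NULL` now means "any address", the interface name is the only thing restricting exposure for this form; it is also worth a line in the comment that an empty name after `%` is not expected to reach this point, or a check for it here.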

View file

@ -385,6 +385,9 @@ Forward local port 22, bound to 192.0.2.1, to port 22 on the guest
-t 192.0.2.1%eth0/22 -t 192.0.2.1%eth0/22
Forward local port 22, bound to 192.0.2.1 and interface eth0, to port 22 Forward local port 22, bound to 192.0.2.1 and interface eth0, to port 22
.TP .TP
-t %eth0/22
Forward local port 22, bound to any address on interface eth0, to port 22
.TP
-t 2000-5000,~3000-3010 -t 2000-5000,~3000-3010
Forward local ports between 2000 and 5000, except for those between 3000 and Forward local ports between 2000 and 5000, except for those between 3000 and
3010 3010
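Review bot: The added entry for `-t %eth0/22` says "bound to any address on interface eth0" but does not say whether that covers both IPv4 and IPv6 addresses on the interface. The commit message also mentions the per-family forms `0.0.0.0%eth0` and `::%eth0` and that they cannot be used together for the same port; neither the forms nor the restriction appear in the man page text added here. Suggest stating the address families explicitly in this description and adding a sentence on the per-family alternatives, since users will rely on this wording to decide what ends up listening on the interface.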
@ -467,6 +470,9 @@ Forward local port 22, bound to 192.0.2.1, to port 22 in the target namespace
-t 192.0.2.1%eth0/22 -t 192.0.2.1%eth0/22
Forward local port 22, bound to 192.0.2.1 and interface eth0, to port 22 Forward local port 22, bound to 192.0.2.1 and interface eth0, to port 22
.TP .TP
-t %eth0/22
Forward local port 22, bound to any address on interface eth0, to port 22
.TP
-t 2000-5000,~3000-3010 -t 2000-5000,~3000-3010
Forward local ports between 2000 and 5000, except for those between 3000 and Forward local ports between 2000 and 5000, except for those between 3000 and
3010 3010
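Review bot: The added description ends at "to port 22" without naming the destination, while the section context in the hunk header reads "to port 22 in the target namespace". The text is otherwise identical to the entry added in the previous hunk, so a reader cannot tell from the wording which mode this example belongs to. Suggest "to port 22 in the target namespace" here, and mirroring whatever clarification on address families is made for the earlier entry.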