code-server icon indicating copy to clipboard operation
code-server copied to clipboard

Published 20 hours ago verified publisher icon coder

[Bug]: Unexpected Port Forwarding Behavior

Open Ninofj opened this issue 1 year ago • 3 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

OS/Web Information

  • Web Browser: Chrome v120.0
  • Local OS: Windows
  • Remote OS: Ubuntu 22.04
  • Remote Architecture: x64
  • code-server --version: v4.19.1

I noticed on a new Ubuntu VM with a new Code Server instance that during port forwarding in the terminal, ports are displayed for which no service or script was started. Is this behavior normal? Or are these services being used by Code Server itself?

When I run sudo ss -tuln I can't see the ports open on the machine.

screen-code-server

Steps to Reproduce

  1. start code server
  2. open terminal
  3. wait until ports open (not everytime)

Expected

Only ports should open and forward for services which are known (maybe security issue?)

Actual

Unknown ports forwarding

Logs

No response

Screenshot/Video

No response

Does this issue happen in VS Code or GitHub Codespaces?

  • [X] I cannot reproduce this in VS Code.
  • [X] I cannot reproduce this in GitHub Codespaces.

Are you accessing code-server over a secure context?

  • [X] I am using a secure context.

Notes

No response

Ninofj avatar Dec 14 '23 20:12 Ninofj

I looked into the code upstream and it seems they read /proc/net/tcp and /proc/net/tcp6: https://github.com/microsoft/vscode/blob/9e3aaa4ac4410cf029e505c922c425b417ea1633/src/vs/workbench/api/node/extHostTunnelService.ts#L246-L247

So, supposedly you should see the ports there, although if so I am not sure why ss is missing them. Maybe try ss -tun? Would be weird if VS Code was showing non-listening ports though.

code-asher avatar Dec 15 '23 20:12 code-asher

Here is the result of ss -tun

screen-code-server2

I am using Caddy as a reverse proxy, and to rule out any VM-related issues, I set up a fresh Debian VM (instead of Ubuntu), installed Code Server, and encountered the same problem. Oddly enough, even the forwarded ports are identical. However, it's the same reverse proxy configuration.

My config.yaml

bind-addr: 0.0.0.0:8080 auth: password password: 30.... cert: false

Caddyfile (reverse proxy)

domain { reverse_proxy 192.168.2.206:8080 tls { resolvers 8.8.8.8 }

Ninofj avatar Dec 15 '23 22:12 Ninofj

Sorry for never responding. Is this still occurring? I wonder if you cat the /proc/net/tcp and /proc/net/tcp6 files you will get different results than ss -tun. Or maybe I have misunderstood how VS Code gathers these ports.

I think to move forward we need a way to reproduce, but also since this code is upstream in VS Code we will likely need to fix it there instead of in code-server.

code-asher avatar Jul 12 '24 22:07 code-asher