netavark icon indicating copy to clipboard operation
netavark copied to clipboard

Published 20 hours ago verified publisher icon containers

[WIP] Finalize firewalld port forwarding support

Open mheon opened this issue 5 months ago • 4 comments

There are two major changes here.

Firstly, this adds proper support for port forwarding from localhost via a new policy accepting traffic from HOST. This is the last bit we were missing from the original port-forwarding implementation.

Secondly, this fixes a bug where we generated incorrect rules when port-forwarding from a single IP. Instead of doing standard port-forwarding rules, those need rich rules. This was reported as #881.

There are also some small code cleanups in how we handle setting up and tearing down port forwarding. It's still rather ugly, but at least a little better than it was before.

Fixes #881

mheon avatar Jan 15 '24 16:01 mheon