vopono icon indicating copy to clipboard operation
vopono copied to clipboard

Published 20 hours ago verified publisher icon jamesmcm

Access local network from vopono jail

Open Roethenbach opened this issue 2 years ago • 3 comments

Is it possible to access a service on a local host from within a vopono host?

Roethenbach avatar May 23 '22 18:05 Roethenbach

Not at the moment, I've only ever done vice versa with -f e.g. for hosting Jackett or transmission-daemon in vopono.

What would a good use case be? I don't think it'd be too hard to support, just some extra firewall rules.

jamesmcm avatar May 23 '22 18:05 jamesmcm

You can also tunnel traffic over unix sockets using one process outside the network namespace and one within.

For example:

host_hostname=$HOSTNAME
host_port=9999
vpn_hostname=localhost
vpn_port=9999
socket_path=/tmp/vpn-tunnel

outside:

ncat --listen --keep-open --sh-exec "ncat --unixsock $socket_path" $host_hostname $host_port

inside:

ncat --listen --keep-open --sh-exec "ncat $vpn_hostname $vpn_port" --unixsock $socket_path

ak-1 avatar Jul 18 '22 16:07 ak-1

This should be possible with --allow-host-access in 0.10.1 - please test it.

Note that from the network namespace you will need to use its IP address for the host - e.g. usually 10.200.1.1

jamesmcm avatar Jul 24 '22 14:07 jamesmcm

I've tested this and it works

SocietasCooperationis avatar Jan 30 '23 20:01 SocietasCooperationis

Fixed in 0.10.1 release with --allow-host-access

jamesmcm avatar May 05 '23 21:05 jamesmcm