Windows-Containers
Windows-Containers copied to clipboard
microsoft
Applying ACLPolicy for HNSEndpoint is broken in WindowsServer2025
Describe the bug When I create an ACLPolicy for HNSEndpoint, it fails to apply in Windows Server 2025 Containers. This behavior works as expected in Windows Server 2019. It's unclear what has changed in the latest version of Windows Server to break this behavior. The lack of being able to apply ACLPolicy for NAT indicates that containers on Windows Server 2025 can talk to any internal IP. For context, we have been able to shield containers from reaching internal IPs in Windows Server 2019, but we've lost this ability in Windows Server 2025.
To Reproduce
- Create container-1 in docker, capture the IP-Address, and run a simple web server on port 8080
- Create container-2 in docker, capture the IP-Address
- If you curl.exe container-1:8080 (from inside container-2), you should see the response from the server. That's expected because by default there is not ACLPolicy.
- Run
Get-HNSEndpointon the host to get the Endpoint-ID for container-2 - Execute acl-policy.exe (a simple binary that sets ACLPolicy) e.g.
c:\acl-policy.exe endoint-id-from-step-4 ip-address-for-container-2 ip-address-for-container-1. This will create an ACLPolicy to Block Outgoing traffic from container-2 to container-1. - Re-run the
curl.exefrom step 3 and you still see container-2 is able to talk to container-1
Expected behavior
When I re-run the curl.exe in container-2 I expect to see an error after setting the ACLPolicy
Configuration:
- Edition: Windows Server
- Base Image being used: Windows Server Core
- Container engine: docker
- Container Engine version N/A
Additional context Simple acl-policy binary:
package main
import (
"fmt"
"os"
"encoding/json"
"github.com/Microsoft/hcsshim"
)
func main() {
endpointId := os.Args[1]
source := os.Args[2]
dest := os.Args[3]
endpoint, err := hcsshim.GetHNSEndpointByID(endpointId)
if err != nil {
fmt.Printf("ERR GetHNSEndpointByID: %+v\n", err.Error())
os.Exit(1)
}
acl := &hcsshim.ACLPolicy{
Type: hcsshim.ACL,
Action: hcsshim.Block,
Direction: hcsshim.Out,
Protocol: uint16(256),
LocalAddresses: source,
RemoteAddresses: dest,
}
policy, err := json.Marshal(acl)
if err != nil {
fmt.Printf("ERR json.Marshal: %+v\n", err.Error())
os.Exit(1)
}
endpoint.Policies = append(endpoint.Policies, policy)
_, err = endpoint.Update()
if err != nil {
fmt.Printf("ERR endpoint.Update: %+v\n", err.Error())
os.Exit(1)
}
fmt.Printf("Updated endpoint to BLOCK %s from %s\n", dest, source)
}
Simple WebServer in powershell for container-1:
$listener = New-Object System.Net.HttpListener
$listener.Prefixes.Add("http://+:8080/")
$listener.Start()
Write-Host "Listening on http://+:8080/"
while ($listener.IsListening) {
$context = $listener.GetContext()
$request = $context.Request
$response = $context.Response
$response.ContentType = "text/plain"
$response.StatusCode = 200
$response.StatusDescription = "OK"
$output = $response.OutputStream
$writer = New-Object System.IO.StreamWriter($output)
$writer.Write("Hello from PowerShell Server!")
$writer.Flush()
$writer.Close()
}
$listener.Stop()
Thank you for creating an Issue. Please note that GitHub is not an official channel for Microsoft support requests. To create an official support request, please open a ticket here. Microsoft and the GitHub Community strive to provide a best effort in answering questions and supporting Issues on GitHub.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
@ntrappe-msft Can you please triage this issue ? This is quite an important issue with Windows Server 2025.
This issue has been open for 30 days with no updates. no assignees, please provide an update or close this issue.
![microsoft-github-policy-service[bot] avatar](https://avatars.githubusercontent.com/in/95686?v=4 "Published by a pub.dev verified publisher"){kind=small}