Rob Murray

> Somewhat off-topic, ... Yes, I think we could make a port binding imply an exposed port - but we'd still need to deal with matching them properly when there's...

Hi @halms - thank you for digging in to it and reporting the issue, much appreciated ... I'll take a look.

Hi @chriscroome - just to check, you're also using a bridge network with `gateway_mode=routed`, and the issue is accessing a port published from a container in a different network?

Ah, ok - thanks @chriscroome... it's probably best if you raise a new issue, I don't think it'll be the same as this. Along with the usual info on a...

> Maybe [#49498](https://github.com/moby/moby/issues/49498) is the same issue but I'm not using tailscale Hi @Tofandel - yes, I think it's more likely to be the other issue ... unless you're using...

Hi @halms - just coming back to this ... I can reproduce the problem in 28.x, with userland-proxy disabled. With the proxy enabled it works ok. But, I get the...

Oh ok, got it! Thank you. I think the change in the nat rules probably was wrong ... I'll check it out some more.

> Running `/usr/bin/wslinfo` as root is not ideal, especially on non-WSL environments. Some ideas: > > * Run wslinfo as an unprivileged user. But which user? > * Sandbox the...

> > If we're wrong, which seems unlikely (unless it's deliberate) > > That's what I'm worried about: some attacker tricking dockerd into executing attacker-controlled code as root. Yes, agreed...

> This PR fixes the issue listed in [microsoft/WSL#10494](https://github.com/microsoft/WSL/issues/10494) for the loopback interface only, sadly. Running `docker run -ti --rm -p 192.168.1.100:8080:80 traefik/whoami` and opening `http://192.168.1.100:8080/` in the browser on...