bypass4netns
bypass4netns copied to clipboard
rootless-containers
[Experimental] Accelerates slirp4netns using SECCOMP_IOCTL_NOTIF_ADDFD. As fast as `--net=host`.
In the following example, `nerdctl exec dind docker exec nginx wget -O- http://127.0.0.1` is working as expected, but `nerdctl exec dind docker exec nginx wget -O- http://172.17.0.2` is failing with...
UDP support was temporarily removed in v0.4: - https://github.com/rootless-containers/bypass4netns/pull/39
The simplest container I could find that wouldn't work was this(webinterface cannot be accessed): ``` nerdctl run -it --rm -p 8080:8080 --label nerdctl/bypass4netns=true lscr.io/linuxserver/qbittorrent ``` it works fine without bypass4netns....
I've been having a read of https://pibvt.net/IPSJ-OS22156009.pdf and trying to understand how we can implement bypass4netns into our existing Kubernetes based docker in docker implementation. I'm not entirely sure where...
The [TOCTOU races mentioned in the README](https://github.com/rootless-containers/bypass4netns#warning-caveats-warning) can be eliminated if, instead of allowing [the connect(2) syscall to continue](https://github.com/rootless-containers/bypass4netns/blob/752f90f860d7ffb8f1f5d149453c8fb13d310a0c/pkg/bypass4netns/bypass4netns.go#L608), we run the syscall on behalf of the container and then...
> To inject it at socket(2) time safely, though, we need to use `SECCOMP_ADDFD_FLAG_SEND` in the addfd call. I added that flag to the kernel due to a race condition...
Bumps the golang-x group with 1 update in the / directory: [golang.org/x/sys](https://github.com/golang/sys). Updates `golang.org/x/sys` from 0.19.0 to 0.22.0 Commits faed7ec unix: add PthreadChdir and PthreadFchdir on darwin c892bb7 unix: fix...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd) from 3.5.13 to 3.5.15. Release notes Sourced from go.etcd.io/etcd/client/v3's releases. v3.5.15 Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide...
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.3 to 4.1.7. Release notes Sourced from actions/checkout's releases. v4.1.7 What's Changed Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739 Bump...
Metadata
Owner
Metadata
[Experimental] Accelerates slirp4netns using SECCOMP_IOCTL_NOTIF_ADDFD. As fast as `--net=host`.