net/containernetworking-plugins: update to 0.5

freebsd · Nov 9, 2023 · a6e5528 · a6e5528
1 parent e5e164e
commit a6e5528
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 11 deletions.
diff --git a/net/containernetworking-plugins/Makefile b/net/containernetworking-plugins/Makefile
@@ -1,6 +1,5 @@
 PORTNAME=	containernetworking-plugins
-DISTVERSION=	0.4
-PORTREVISION=	1
+DISTVERSION=	0.5
 CATEGORIES=	net
 
 MAINTAINER=	dfr@FreeBSD.org
@@ -15,7 +14,7 @@ BUILD_DEPENDS=	bash:shells/bash
 USE_GITHUB=	yes
 GH_ACCOUNT=	dfr
 GH_PROJECT=	plugins
-GH_TAGNAME=	freebsd-v0.4
+GH_TAGNAME=	freebsd-v${DISTVERSION}
 GH_TUPLE=	golang:sys:v0.6.0:sys
 
 pre-patch:

diff --git a/net/containernetworking-plugins/distinfo b/net/containernetworking-plugins/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1692269530
-SHA256 (dfr-plugins-0.4-freebsd-v0.4_GH0.tar.gz) = 475d9e194d0fb84ba1b8a3c5ad363a016f75c6adddef02fb71aefb7e705413f9
-SIZE (dfr-plugins-0.4-freebsd-v0.4_GH0.tar.gz) = 4198780
+TIMESTAMP = 1697295741
+SHA256 (dfr-plugins-0.5-freebsd-v0.5_GH0.tar.gz) = ae97b270a350a291e96a57a964df84cf7a3d82311e3a8b0476f1e0e95b9bbb7f
+SIZE (dfr-plugins-0.5-freebsd-v0.5_GH0.tar.gz) = 4198686
 SHA256 (golang-sys-v0.6.0_GH0.tar.gz) = b4f6d17c7a128f76169964b437cb66b3f2dbf9a33361928ec19dfecf7b03fc54
 SIZE (golang-sys-v0.6.0_GH0.tar.gz) = 1434234
diff --git a/net/containernetworking-plugins/files/pf.conf.sample b/net/containernetworking-plugins/files/pf.conf.sample
@@ -6,4 +6,5 @@ nat on $v4egress_if inet from <cni-nat> to any -> ($v4egress_if)
 nat on $v6egress_if inet6 from <cni-nat> to !ff00::/8 -> ($v6egress_if)
 
 rdr-anchor "cni-rdr/*"
+nat-anchor "cni-rdr/*"
 table <cni-nat>
diff --git a/net/containernetworking-plugins/pkg-message b/net/containernetworking-plugins/pkg-message
@@ -21,10 +21,19 @@ enable PF support for these redirections using sysctl:
 # sysctl net.pf.filter_local=1
 # service pf restart
 
-These redirect rules do not currently work if the destination address is
-localhost (e.g. 127.0.0.1 or ::1) - always use the hosts IP address when
-connecting to a service inside a container using a port redirection. For example
-if host port 1234 is redirected to an http service running in a container, you
-could connect to it using:
+Redirect rules will work if the destination address is localhost (e.g. 127.0.0.1
+or ::1) - to enable this, the following line must be included in your
+/etc/pf.conf:
+
+nat-anchor "cni-rdr/*"
+
+if upgrading from an older version, this needs to be added to /etc/pf.conf.
+
+For example if host port 1234 is redirected to an http service running in a
+container, you could connect to it using:
 
 # fetch -o- http://$(hostname):1234
+
+or
+
+# fetch -o- http://localhost:1234