Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support port forwarding for privileged ports (1-1023) #283

Merged
merged 1 commit into from
Oct 7, 2021
Merged

Support port forwarding for privileged ports (1-1023) #283

merged 1 commit into from
Oct 7, 2021

Conversation

AkihiroSuda
Copy link
Member

On macOS, listening on 127.0.0.1:80 requires root while 0.0.0.0:80 does not require root.

For such ports, the hostagent launches "pseudoloopback" forwarder that listens on 0.0.0.0:80 but rejects connections from non-loopback src IP.

Fix #45

@AkihiroSuda
Copy link
Member Author

cc @jandubois @mattfarina

This was referenced Oct 1, 2021
Closed
Merged
@AkihiroSuda AkihiroSuda added this to the v0.7.0 milestone Oct 1, 2021
@AkihiroSuda AkihiroSuda marked this pull request as draft October 2, 2021 18:37
@AkihiroSuda AkihiroSuda marked this pull request as ready for review October 2, 2021 18:47
jandubois
jandubois reviewed Oct 7, 2021
View reviewed changes
pkg/hostagent/port_darwin.go Outdated
}
plf, err := newPseudoLoopbackForwarder(localPort, localUnix)
if err != nil {
_ = os.RemoveAll(localUnixDir)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this also call forwardSSH(ctx, sshConfig, port, localUnix, remote, true) to tear down the unused forward?

@AkihiroSuda
Support port forwarding for privileged ports (1-1023)
fa0c7ba 
On macOS, listening on 127.0.0.1:80 requires root while 0.0.0.0:80 does not require root.

For such ports, the hostagent launches "pseudoloopback" forwarder that listens on 0.0.0.0:80
but rejects connections from non-loopback src IP.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
jandubois
jandubois approved these changes Oct 7, 2021
View reviewed changes
Copy link
Member

@jandubois jandubois left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jandubois jandubois merged commit 90e6c9d into lima-vm:master Oct 7, 2021
@werediver werediver mentioned this pull request Jan 24, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jandubois jandubois jandubois approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.7.0
Development

Successfully merging this pull request may close these issues.

Support port forwarding for privileged ports (1-1023)
2 participants
@AkihiroSuda @jandubois