search

coder / code-server

VS Code in the browser
https://coder.com
MIT License
67.65k stars 5.55k forks source link

[Bug]: Unexpected Port Forwarding Behavior #6586

Open Ninofj opened 9 months ago

Ninofj commented 9 months ago

Is there an existing issue for this?

OS/Web Information

I noticed on a new Ubuntu VM with a new Code Server instance that during port forwarding in the terminal, ports are displayed for which no service or script was started. Is this behavior normal? Or are these services being used by Code Server itself?

When I run sudo ss -tuln I can't see the ports open on the machine.

screen-code-server

Steps to Reproduce

  1. start code server
  2. open terminal
  3. wait until ports open (not everytime)

Expected

Only ports should open and forward for services which are known (maybe security issue?)

Actual

Unknown ports forwarding

Logs

No response

Screenshot/Video

No response

Does this issue happen in VS Code or GitHub Codespaces?

Are you accessing code-server over a secure context?

Notes

No response

code-asher commented 9 months ago

I looked into the code upstream and it seems they read /proc/net/tcp and /proc/net/tcp6: https://github.com/microsoft/vscode/blob/9e3aaa4ac4410cf029e505c922c425b417ea1633/src/vs/workbench/api/node/extHostTunnelService.ts#L246-L247

So, supposedly you should see the ports there, although if so I am not sure why ss is missing them. Maybe try ss -tun? Would be weird if VS Code was showing non-listening ports though.

Ninofj commented 9 months ago

Here is the result of ss -tun

screen-code-server2

I am using Caddy as a reverse proxy, and to rule out any VM-related issues, I set up a fresh Debian VM (instead of Ubuntu), installed Code Server, and encountered the same problem. Oddly enough, even the forwarded ports are identical. However, it's the same reverse proxy configuration.

My config.yaml

bind-addr: 0.0.0.0:8080 auth: password password: 30.... cert: false

Caddyfile (reverse proxy)

domain { reverse_proxy 192.168.2.206:8080 tls { resolvers 8.8.8.8 }

code-asher commented 2 months ago

Sorry for never responding. Is this still occurring? I wonder if you cat the /proc/net/tcp and /proc/net/tcp6 files you will get different results than ss -tun. Or maybe I have misunderstood how VS Code gathers these ports.

I think to move forward we need a way to reproduce, but also since this code is upstream in VS Code we will likely need to fix it there instead of in code-server.