search

containers / gvisor-tap-vsock

A new network stack based on gVisor
Apache License 2.0
269 stars 50 forks source link

Disable ssh port forwarding when value of -ssh-port is -1 #403

Closed vyasgun closed 1 month ago

vyasgun commented 1 month ago

This is a fix for https://github.com/containers/gvisor-tap-vsock/issues/402

The default value for the flag is 2222 which should not happen when -1 is provided.

Tested as follows:

gvyas@Gunjans-MacBook-Pro gvisor-tap-vsock % bin/gvproxy -debug -listen unix:///tmp/network.sock -listen-qemu tcp://0.0.0.0:1234 -ssh-port 55556
INFO[0000] gvproxy version gitd1683b9b-dirty
INFO[0000] waiting for clients...
INFO[0000] listening unix:///tmp/network.sock

gvyas@Gunjans-MacBook-Pro gvisor-tap-vsock % lsof -i :55556
COMMAND   PID  USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
gvproxy 60527 gvyas    7u  IPv4 0xef6992879c346520      0t0  TCP localhost:55556 (LISTEN)
gvyas@Gunjans-MacBook-Pro gvisor-tap-vsock % bin/gvproxy -debug -listen unix:///tmp/network.sock -listen-qemu tcp://0.0.0.0:1234
INFO[0000] gvproxy version gitd1683b9b-dirty
INFO[0000] waiting for clients...
INFO[0000] listening unix:///tmp/network.sock

gvyas@Gunjans-MacBook-Pro gvisor-tap-vsock % lsof -i :2222
COMMAND   PID  USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
gvproxy 60743 gvyas    7u  IPv4 0xb6a79b454352e9f5      0t0  TCP localhost:rockwell-csp2 (LISTEN)
gvyas@Gunjans-MacBook-Pro gvisor-tap-vsock % bin/gvproxy -debug -listen unix:///tmp/network.sock -listen-qemu tcp://0.0.0.0:1234 -ssh-port -1
INFO[0000] gvproxy version gitd1683b9b-dirty
INFO[0000] waiting for clients...
INFO[0000] listening unix:///tmp/network.sock

gvyas@Gunjans-MacBook-Pro gvisor-tap-vsock % lsof -i :2222
gvyas@Gunjans-MacBook-Pro gvisor-tap-vsock %
cfergeau commented 1 month ago

The "DCO" failure can be fixed if you amend your commit with git commit --amend -s

vyasgun commented 1 month ago

@cfergeau thanks, updated!

cfergeau commented 1 month ago

/lgtm /approve

openshift-ci[bot] commented 1 month ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cfergeau, vyasgun

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/containers/gvisor-tap-vsock/blob/main/OWNERS)~~ [cfergeau] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment