Date: Thu, 24 Aug 2023 15:24:42 GMT From: Doug Rabson <dfr@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 1e8393f74b6c - main - sysutils/podman-suite: update to 20230817 Message-ID: <202308241524.37OFOgv4094932@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by dfr: URL: https://cgit.FreeBSD.org/ports/commit/?id=1e8393f74b6cc6f1f75e5be1bfbd4aca1d8db0f9 commit 1e8393f74b6cc6f1f75e5be1bfbd4aca1d8db0f9 Author: Doug Rabson <dfr@FreeBSD.org> AuthorDate: 2023-08-17 10:59:10 +0000 Commit: Doug Rabson <dfr@FreeBSD.org> CommitDate: 2023-08-24 15:23:30 +0000 sysutils/podman-suite: update to 20230817 Approved by: imp Differential Revision: https://reviews.freebsd.org/D41490 --- net/containernetworking-plugins/pkg-message | 20 ++++++++++++++++++++ sysutils/podman-suite/Makefile | 2 +- 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/net/containernetworking-plugins/pkg-message b/net/containernetworking-plugins/pkg-message index 32b0f5b9dde1..47db23aecfd1 100644 --- a/net/containernetworking-plugins/pkg-message +++ b/net/containernetworking-plugins/pkg-message @@ -8,3 +8,23 @@ Edit /etc/pf.conf and set v4egress_if, v6egress_if to your network interface(s)s ... # sysrc pf_enable=YES # service pf start + +The sample PF configuration includes support for port redirections. These are +implemented as redirect rules in anchors nested under cni-rdr. + +Support for redirecting connections from the container host to services running +inside a container is included for FreeBSD 13.3 and later. To enable this, first +load the pf kernel module, by adding pf_load="YES" to /boot/loader.conf and +enable PF support for these redirections using sysctl: + +# kldload pf +# sysctl net.pf.filter_local=1 +# service pf restart + +These redirect rules do not currently work if the destination address is +localhost (e.g. 127.0.0.1 or ::1) - always use the hosts IP address when +connecting to a service inside a container using a port redirection. For example +if host port 1234 is redirected to an http service running in a container, you +could connect to it using: + +# fetch -o- http://$(hostname):1234 diff --git a/sysutils/podman-suite/Makefile b/sysutils/podman-suite/Makefile index 2b9c01cd67ea..173c4b64cfd8 100644 --- a/sysutils/podman-suite/Makefile +++ b/sysutils/podman-suite/Makefile @@ -1,5 +1,5 @@ PORTNAME= podman-suite -PORTVERSION= 20230721 +PORTVERSION= 20230817 CATEGORIES= sysutils MAINTAINER= dfr@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202308241524.37OFOgv4094932>