* [Qemu-devel] [Bug 1696746] [NEW] netdev user, restrict=on prevents forwarded ports from being accessed from other systems
@ 2017-06-08 13:25 Nathan Rennie-Waldock
2020-11-16 18:05 ` [Bug 1696746] " Thomas Huth
2021-01-16 4:17 ` Launchpad Bug Tracker
0 siblings, 2 replies; 3+ messages in thread
From: Nathan Rennie-Waldock @ 2017-06-08 13:25 UTC (permalink / raw)
To: qemu-devel
Public bug reported:
I've got a guest only network and I'm wanting to access SSH on one of the guests externally.
I'm using -netdev user,id=usernet0,hostfwd=tcp::2222-:22,restrict=yes -device virtio-net-pci,netdev=usernet0
to forward 2222 to 22 in the guest.
The docs state:
restrict=on|off
If this option is enabled, the guest will be isolated, i.e. it will
not be able to contact the host and no guest IP packets will be routed
over the host to the outside. This option does not affect any explicitly
set forwarding rules.
However, with restrict=on, the forwarded port is only accessible from the host. Other systems receive no data.
This was tested with qemu 2.8. Changelog for 2.9 doesn't mention any
(relevant) user networking changes, so that should also fail.
** Affects: qemu
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1696746
Title:
netdev user,restrict=on prevents forwarded ports from being accessed
from other systems
Status in QEMU:
New
Bug description:
I've got a guest only network and I'm wanting to access SSH on one of the guests externally.
I'm using -netdev user,id=usernet0,hostfwd=tcp::2222-:22,restrict=yes -device virtio-net-pci,netdev=usernet0
to forward 2222 to 22 in the guest.
The docs state:
restrict=on|off
If this option is enabled, the guest will be isolated, i.e. it
will not be able to contact the host and no guest IP packets will be
routed over the host to the outside. This option does not affect any
explicitly set forwarding rules.
However, with restrict=on, the forwarded port is only accessible from the host. Other systems receive no data.
This was tested with qemu 2.8. Changelog for 2.9 doesn't mention any
(relevant) user networking changes, so that should also fail.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1696746/+subscriptions
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug 1696746] Re: netdev user, restrict=on prevents forwarded ports from being accessed from other systems
2017-06-08 13:25 [Qemu-devel] [Bug 1696746] [NEW] netdev user, restrict=on prevents forwarded ports from being accessed from other systems Nathan Rennie-Waldock
@ 2020-11-16 18:05 ` Thomas Huth
2021-01-16 4:17 ` Launchpad Bug Tracker
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Huth @ 2020-11-16 18:05 UTC (permalink / raw)
To: qemu-devel
slirp (i.e. user networking) has been moved to a separate project...
does this problem still persist with the latest version of QEMU? If so,
could you please report it to the libslirp project instead:
https://gitlab.freedesktop.org/slirp/libslirp/-/issues
Thanks!
** Changed in: qemu
Status: New => Incomplete
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1696746
Title:
netdev user,restrict=on prevents forwarded ports from being accessed
from other systems
Status in QEMU:
Incomplete
Bug description:
I've got a guest only network and I'm wanting to access SSH on one of the guests externally.
I'm using -netdev user,id=usernet0,hostfwd=tcp::2222-:22,restrict=yes -device virtio-net-pci,netdev=usernet0
to forward 2222 to 22 in the guest.
The docs state:
restrict=on|off
If this option is enabled, the guest will be isolated, i.e. it
will not be able to contact the host and no guest IP packets will be
routed over the host to the outside. This option does not affect any
explicitly set forwarding rules.
However, with restrict=on, the forwarded port is only accessible from the host. Other systems receive no data.
This was tested with qemu 2.8. Changelog for 2.9 doesn't mention any
(relevant) user networking changes, so that should also fail.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1696746/+subscriptions
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug 1696746] Re: netdev user, restrict=on prevents forwarded ports from being accessed from other systems
2017-06-08 13:25 [Qemu-devel] [Bug 1696746] [NEW] netdev user, restrict=on prevents forwarded ports from being accessed from other systems Nathan Rennie-Waldock
2020-11-16 18:05 ` [Bug 1696746] " Thomas Huth
@ 2021-01-16 4:17 ` Launchpad Bug Tracker
1 sibling, 0 replies; 3+ messages in thread
From: Launchpad Bug Tracker @ 2021-01-16 4:17 UTC (permalink / raw)
To: qemu-devel
[Expired for QEMU because there has been no activity for 60 days.]
** Changed in: qemu
Status: Incomplete => Expired
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1696746
Title:
netdev user,restrict=on prevents forwarded ports from being accessed
from other systems
Status in QEMU:
Expired
Bug description:
I've got a guest only network and I'm wanting to access SSH on one of the guests externally.
I'm using -netdev user,id=usernet0,hostfwd=tcp::2222-:22,restrict=yes -device virtio-net-pci,netdev=usernet0
to forward 2222 to 22 in the guest.
The docs state:
restrict=on|off
If this option is enabled, the guest will be isolated, i.e. it
will not be able to contact the host and no guest IP packets will be
routed over the host to the outside. This option does not affect any
explicitly set forwarding rules.
However, with restrict=on, the forwarded port is only accessible from the host. Other systems receive no data.
This was tested with qemu 2.8. Changelog for 2.9 doesn't mention any
(relevant) user networking changes, so that should also fail.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1696746/+subscriptions
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-01-16 4:28 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-06-08 13:25 [Qemu-devel] [Bug 1696746] [NEW] netdev user, restrict=on prevents forwarded ports from being accessed from other systems Nathan Rennie-Waldock
2020-11-16 18:05 ` [Bug 1696746] " Thomas Huth
2021-01-16 4:17 ` Launchpad Bug Tracker
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).