Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can't seem to filter packets from slirp4netns #310

Open
tzugen opened this issue Jan 30, 2023 · 2 comments
Open

Can't seem to filter packets from slirp4netns #310

tzugen opened this issue Jan 30, 2023 · 2 comments
Labels
question Further information is requested

Comments

@tzugen
Copy link

tzugen commented Jan 30, 2023

I have setup the interface as described in the man page.

Now I want to create an IPtables rule to allow those packets while dropping anything else.
I had hoped that I could filter on the source address, but its simply the local address of the pc.

Is there a way to tag the packets, for example with a classid?
@AkihiroSuda AkihiroSuda added question Further information is requested enhancement New feature or request labels Jan 30, 2023
@AkihiroSuda
Copy link
Member

You can just run iptables in the network namespace for dropping packets by the source address that is visible in the network namespace, does that work for you?

@AkihiroSuda AkihiroSuda removed the enhancement New feature or request label Jan 30, 2023
@tzugen
Copy link
Author

tzugen commented Jan 31, 2023

@AkihiroSuda
Hey :)
This approach works if I want to drop packages from inside the namespace (=blacklisting)
I don't think it will work if I want to leave all packets from the namespace untouched, but disallow everything else outside the namespace (=whitelisting)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@AkihiroSuda @tzugen