blob: 58862fb5fb10b13b4f32904461fcf1b7650505cc (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
network: 0.803
socket: 0.698
device: 0.672
graphic: 0.648
semantic: 0.569
performance: 0.425
permissions: 0.344
other: 0.323
PID: 0.322
boot: 0.197
vnc: 0.195
debug: 0.183
files: 0.077
KVM: 0.066
netdev user,restrict=on prevents forwarded ports from being accessed from other systems
I've got a guest only network and I'm wanting to access SSH on one of the guests externally.
I'm using -netdev user,id=usernet0,hostfwd=tcp::2222-:22,restrict=yes -device virtio-net-pci,netdev=usernet0
to forward 2222 to 22 in the guest.
The docs state:
restrict=on|off
If this option is enabled, the guest will be isolated, i.e. it will not be able to contact the host and no guest IP packets will be routed over the host to the outside. This option does not affect any explicitly set forwarding rules.
However, with restrict=on, the forwarded port is only accessible from the host. Other systems receive no data.
This was tested with qemu 2.8. Changelog for 2.9 doesn't mention any (relevant) user networking changes, so that should also fail.
slirp (i.e. user networking) has been moved to a separate project... does this problem still persist with the latest version of QEMU? If so, could you please report it to the libslirp project instead:
https://gitlab.freedesktop.org/slirp/libslirp/-/issues
Thanks!
[Expired for QEMU because there has been no activity for 60 days.]
|