On Thu, 9 Mar 2023 13:31:19 +1100
David Gibson
On Thu, Mar 09, 2023 at 03:09:47AM +0100, Stefano Brivio wrote:
I didn't notice earlier: libslirp (and slirp4netns) supports binding outbound sockets to specific IPv4 and IPv6 addresses, to force the source addresse selection. If we want to claim feature parity, we should implement that as well.
Further, Podman supports specifying outbound interfaces as well, but this is simply done by resolving the primary address for an interface when the network back-end is started. However, since kernel version 5.7, commit c427bfec18f2 ("net: core: enable SO_BINDTODEVICE for non-root users"), we can actually bind to a specific interface name, which doesn't need to be validated in advance.
Implement -o / --outbound ADDR to bind to IPv4 and IPv6 addresses, and --outbound-ip4 and --outbound-ip6 to bind IPv4 and IPv6 sockets to given interfaces.
s/outbound-ip/outbound-if/g
Oops, again. Fixed in my tree. -- Stefano