fatherlinux

Rootless Low Port Hack

Oct 21st, 2019
721
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.55 KB | None | 0 0
  1. === Rootless on Low Port ===
  2. As root, run the following. This will protect ports below 80, like SSH:
  3. echo 80 > /proc/sys/net/ipv4/ip_unprivileged_port_start
  4.  
  5. As a user run the following tests:
  6. ssh fatherlinux@fedora.dc2.crunchtools.com
  7. podman run -it -id -p 80:80 ubi8 bash
  8. Output:
  9. 7467a65cd26cd4228196045141eb84aa021a0f7b8d761d2b48bea8933bd7a1b7
  10.  
  11. Run this to test failure:
  12. podman run -it -id -p 79:79 ubi8 bash
  13.  
  14. Output:
  15. Error: error from slirp4netns while setting up port redirection: map[desc:bad request: add_hostfwd: slirp_add_hostfwd failed]
Add Comment
Please, Sign In to add comment