Bug
Resolution: Done
rhel-10.0
rhel-container-tools
What were you trying to do that didn't work?
When running `podman run -p 8080:80 fedora sh` on a RHEL 10.0 system with the firewalld `StrictForwardPorts` setting enabled, the Podman command does not fail when it should.
What is the impact of this issue to you?
Users of the firewalld `StrictForwardPorts` setting should be told by Podman (via Netavark, which will perform the actual check) that their port-forward rules will not function. Instead, the rules are being applied without any error or warning, producing confusion for users when their containers do not have working port forwarding.
Please provide the package NVR for which the bug is seen:
podman-5.4.0-1.el10.x86_64
netavark-1.14.0-1.el10.x86_64
firewalld-2.3.0-2.el10.noarch
How reproducible is this bug?:
100%
Steps to reproduce
- Install Podman, Netavark on a 10.0 system
- Ensure firewalld is enabled with `firewall-cmd --list-all`
- Change `StrictForwardPorts` in `/etc/firewalld/firewalld.conf` to `yes`
- Reload firewalld with `systemctl restart firewalld`
- Run any Podman container with ports forwarded: `podman run -t -i -p 8080:80 fedora sh` or similar
Expected results
Podman command errors that port forwarding is not supported in this configuration
Actual results
Command succeeds with no warning or error
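An administrator-side pre-flight check for the condition described in this report, as an added example that is not Podman, Netavark or firewalld code. The function names are hypothetical, and it assumes `firewalld.conf` uses `key=value` lines with `#` comments and that `yes` or `true` enables the setting.

```sh
#!/bin/sh
# Added example (not Podman or Netavark code): pre-flight check for the
# firewalld StrictForwardPorts setting before publishing container ports.

# Print "yes" or "no" for StrictForwardPorts in the given firewalld.conf.
# Assumptions: key=value lines, '#' starts a comment, the last assignment
# wins, "yes"/"true" enable the setting, and a missing key means "no".
strict_forward_ports() (
    conf="${1:-/etc/firewalld/firewalld.conf}"
    value=no
    [ -r "$conf" ] || { echo "$value"; exit 0; }
    while IFS= read -r line || [ -n "$line" ]; do
        line="${line%%#*}"                      # drop comments
        case "$line" in *=*) ;; *) continue ;; esac
        key=$(printf '%s' "${line%%=*}" | tr -d '[:space:]')
        val=$(printf '%s' "${line#*=}" | tr -d '[:space:]' | tr '[:upper:]' '[:lower:]')
        [ "$key" = "StrictForwardPorts" ] || continue
        case "$val" in yes|true) value=yes ;; *) value=no ;; esac
    done < "$conf"
    echo "$value"
)

# Return 1 (with a message on stderr) when the podman arguments publish a
# port while strict mode is on; return 0 otherwise.
# Usage: check_publish <firewalld.conf> <podman args...>
check_publish() (
    conf="$1"; shift
    publish=no
    for arg in "$@"; do
        case "$arg" in
            -p|-p[0-9]*|--publish|--publish=*|-P|--publish-all) publish=yes ;;
        esac
    done
    if [ "$publish" = yes ] && [ "$(strict_forward_ports "$conf")" = yes ]; then
        echo "StrictForwardPorts=yes in $conf: published ports will not be forwarded" >&2
        exit 1
    fi
    exit 0
)

# Demo on a constructed config file (sample input, not from a real host).
demo_conf=$(mktemp)
printf '%s\n' '# constructed sample' 'DefaultZone=public' \
    'StrictForwardPorts=yes' > "$demo_conf"
check_publish "$demo_conf" run -t -i -p 8080:80 fedora sh || echo "would refuse to start"
rm -f "$demo_conf"
```

On a real host, pass `/etc/firewalld/firewalld.conf` as the first argument to `check_publish`, followed by the arguments intended for `podman`.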
- is cloned by RHEL-80267 Netavark does not properly detect FirewallD StrictForwardPorts setting - RHEL 9.6 0day (Closed)