Package: systemd-container
Version: 241-5
Severity: wishlist

systemd-nspawn --port=tcp:2022:22 redirects port 2022/tcp (on the host) to port 22/tcp (on the guest).
(This is equivalent to "-net user,hostfwd=::2022-:22" in qemu VMs.) AFAICT systemd-nspawn only does this for IPv4 (not IPv6). This was not obvious to me from the manpage.

Please either fix --port to support IPv6, or clearly document that --port is IPv4-only. I suggest something like the below.

PS: I also fixed the confusing phrase "IP port". Per the nft(8) manpage, IPv4 and IPv6 do not have ports. TCP, UDP, UDP-Lite, and SCTP have ports.

PPS: Based on "iptables -m sctp --help", it should be trivial to add SCTP support to --port=. (I don't personally care about that.)

diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml index 8c1a1e6871..1a5ec798ed 100644 --- a/man/systemd-nspawn.xml +++ b/man/systemd-nspawn.xml @@ -916,8 +916,8 @@ <term><option>-p</option></term> <term><option>--port=</option></term> - <listitem><para>If private networking is enabled, maps an IP - port on the host onto an IP port on the container. Takes a + <listitem><para>If private networking is enabled, maps a TCP (or UDP) + port on the host onto a TCP (or UDP) port on the container. Takes a protocol specifier (either <literal>tcp</literal> or <literal>udp</literal>), separated by a colon from a host port number in the range 1 to 65535, separated by a colon from a @@ -928,7 +928,9 @@ same port as the host port is implied. This option is only supported if private networking is used, such as with <option>--network-veth</option>, <option>--network-zone=</option> - <option>--network-bridge=</option>.</para></listitem> + <option>--network-bridge=</option>.</para> + + <para>As at systemd v242, this option always affects IPv4, and never affects IPv6.</para></listitem> </varlistentry> </variablelist>
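Review bot: In the first hunk (@@ -916,8 +916,8 @@), the repeated parenthetical in "maps a TCP (or UDP) port on the host onto a TCP (or UDP) port on the container" can be read as allowing a TCP port on the host to be mapped onto a UDP port in the container. The unchanged context right after it says the option takes a single protocol specifier (either tcp or udp), so the protocol is the same on both sides. Consider wording such as "maps a TCP or UDP port on the host onto a port of the same protocol in the container", which also drops the parentheses.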
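Review bot: In the second hunk (@@ -928,7 +928,9 @@), the added paragraph "As at systemd v242, this option always affects IPv4, and never affects IPv6." ties the man page to a version number that will go stale, and "affects" does not say what an administrator needs to know. The report itself is filed against 241-5, so the limitation is not specific to v242. Suggest stating the behaviour directly without a version, for example that only IPv4 traffic arriving at the host port is forwarded and that IPv6 connections to the same port are not forwarded to the container. If the version clause is kept, "As of" is the more usual phrasing than "As at".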