Package: systemd-container
Version: 241-5
Severity: wishlist
systemd-nspawn --port=tcp:2022:22 redirects
port 2022/tcp (on the host) to
port 22/tcp (on the guest).
(This is equivalent to "-net user,hostfwd=::2022-:22" in qemu VMs.)
AFAICT systemd-nspawn only does this for IPv4 (not IPv6).
This was not obvious to me from the manpage.
Please either fix --port to support IPv6, or
clearly document that --port is IPv4-only.
I suggest something like the below.
PS: I also fixed the confusing phrase "IP port".
Per the nft(8) manpage,
IPv4 and IPv6 do not have ports.
TCP, UDP, UDP-Lite, and SCTP have ports.
PPS: Based on "iptables -m sctp --help", it should be trivial to add SCTP
support to --port=.
(I don't personally care about that.)
diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml
index 8c1a1e6871..1a5ec798ed 100644
--- a/man/systemd-nspawn.xml
+++ b/man/systemd-nspawn.xml
@@ -916,8 +916,8 @@
-p
--port=
-If private networking is enabled, maps an IP
-port on the host onto an IP port on the container. Takes a
+If private networking is enabled, maps a TCP (or UDP)
+port on the host onto a TCP (or UDP) port on the container. Takes a
protocol specifier (either tcp or
udp), separated by a colon from a host port
number in the range 1 to 65535, separated by a colon from a
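Review bot: In the two added lines, "a TCP (or UDP) port on the host onto a TCP (or UDP) port on the container" can be read as allowing a cross-protocol mapping (TCP on the host to UDP in the container), while the unchanged context that follows says a single protocol specifier (tcp or udp) is given. Suggest wording such as "maps a TCP or UDP port on the host onto the port of the same protocol in the container", which also drops the repeated parenthetical.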
@@ -928,7 +928,9 @@
same port as the host port is implied. This option is only
supported if private networking is used, such as with
--network-veth, --network-zone=
---network-bridge=.
+--network-bridge=.
+
+As at systemd v242, this option always affects IPv4, and never
affects IPv6.
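Review bot: The added sentence "As at systemd v242, this option always affects IPv4, and never affects IPv6" pins the man page text to v242 even though the report is filed against 241-5, and the version reference will go stale if the behaviour changes. Suggest dropping the version and stating the limit directly, for example "Only IPv4 traffic is forwarded; IPv6 is not affected." Separately, the removed and added "--network-bridge=." lines read identically as shown here, so it is worth confirming that the only change on that line is the paragraph break before the new sentence.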