arizvisa
dice
if you're using
#podman #networking #isolation #pasta
podman(1) with pasta(1) (rootless), you can fwd a port to a local service and still remain unroutable using a combination of the -i and -I params like: podman run ... --network=pasta:-i,lo,-I,fake-tap,-T,$port $image. the "-i" parameter specifies to use addr and routing info from "lo", ...#podman #networking #isolation #pasta
..and as i understand it, the "-I" parameter is needed for the tap name since there's no interface (other than loopback) to inherit naming information from.
