diff --git a/net/containernetworking-plugins/Makefile b/net/containernetworking-plugins/Makefile index 285c60d4a692..296cecb691e4 100644 --- a/net/containernetworking-plugins/Makefile +++ b/net/containernetworking-plugins/Makefile @@ -1,34 +1,34 @@ PORTNAME= containernetworking-plugins DISTVERSION= 0.5 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= net MAINTAINER= dfr@FreeBSD.org COMMENT= Networking plugins for container networking support WWW= https://www.cni.dev/ LICENSE= GPLv2 USES= go:no_targets BUILD_DEPENDS= bash:shells/bash USE_GITHUB= yes GH_ACCOUNT= dfr GH_PROJECT= plugins GH_TAGNAME= freebsd-v${DISTVERSION} GH_TUPLE= golang:sys:v0.6.0:sys pre-patch: ${RM} -r ${WRKSRC}/vendor/golang.org/x/sys ${LN} -s ${WRKDIR}/sys-* ${WRKSRC}/vendor/golang.org/x/sys do-build: cd ${WRKSRC} && ${SETENV} XDG_CACHE_HOME=${WRKDIR}/.cache GO=${GO_CMD} ./build_freebsd.sh do-install: ${MKDIR} ${STAGEDIR}${PREFIX}/libexec/cni ${MKDIR} ${STAGEDIR}${PREFIX}/etc/containers cd ${WRKSRC} && ${INSTALL_PROGRAM} bin/* ${STAGEDIR}${PREFIX}/libexec/cni ${INSTALL_DATA} files/pf.conf.sample ${STAGEDIR}${PREFIX}/etc/containers .include diff --git a/net/containernetworking-plugins/pkg-descr b/net/containernetworking-plugins/pkg-descr index cc57e1bcaf5c..b035de52b3c9 100644 --- a/net/containernetworking-plugins/pkg-descr +++ b/net/containernetworking-plugins/pkg-descr @@ -1,3 +1,3 @@ CNI plugins for container networking support. This is used by -container engines such as podman and buildah to setup and teardown +container engines such as Podman and Buildah to setup and teardown network access for containers. diff --git a/net/containernetworking-plugins/pkg-message b/net/containernetworking-plugins/pkg-message index bae89ef8843a..4196050022cf 100644 --- a/net/containernetworking-plugins/pkg-message +++ b/net/containernetworking-plugins/pkg-message @@ -1,39 +1,39 @@ Container networking relies on NAT to allow container network packets out to the host's network. This requires a PF firewall to perform the translation. A simple example is included - to use it: # cp /usr/local/etc/containers/pf.conf.sample /etc/pf.conf ... -Edit /etc/pf.conf and set v4egress_if, v6egress_if to your network interface(s)s +Edit /etc/pf.conf and set v4egress_if, v6egress_if to your network interface(s) ... # sysrc pf_enable=YES # service pf start The sample PF configuration includes support for port redirections. These are implemented as redirect rules in anchors nested under cni-rdr. Support for redirecting connections from the container host to services running inside a container is included for FreeBSD 13.3 and later. To enable this, first load the pf kernel module, by adding pf_load="YES" to /boot/loader.conf and enable PF support for these redirections using sysctl: # kldload pf # sysctl net.pf.filter_local=1 # service pf restart Redirect rules will work if the destination address is localhost (e.g. 127.0.0.1 or ::1) - to enable this, the following line must be included in your /etc/pf.conf: nat-anchor "cni-rdr/*" if upgrading from an older version, this needs to be added to /etc/pf.conf. For example if host port 1234 is redirected to an http service running in a container, you could connect to it using: # fetch -o- http://$(hostname):1234 or # fetch -o- http://localhost:1234