diff options
author | Victor Kareh <vkareh@redhat.com> | 2021-01-18 15:28:52 -0500 |
---|---|---|
committer | Brian May <brian@linuxpenguins.xyz> | 2021-03-05 08:53:53 +1100 |
commit | 167a57e739bf62b83dcfb46e7d01a581981ef431 (patch) | |
tree | 9cb75c1c02ac0df67297b408cc4eda2ec130a08b /sshuttle/methods/pf.py | |
parent | 0e51da519fe5e277fd77ac7860a4f39b5f7e5e78 (diff) |
firewall: Allow overriding the TTL
In instances where a cluster pod in a local VM needs to access a server
that is sshuttle'd from the host, since the packets arriving at the host
already made a hop, their TTL is 63 and so get ignored by sshuttle.
Allowing an override of the firewall TTL rule allows the packets to go
through.
Diffstat (limited to 'sshuttle/methods/pf.py')
-rw-r--r-- | sshuttle/methods/pf.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sshuttle/methods/pf.py b/sshuttle/methods/pf.py index 4119273..1bc67e7 100644 --- a/sshuttle/methods/pf.py +++ b/sshuttle/methods/pf.py @@ -444,7 +444,7 @@ class Method(BaseMethod): return sock.getsockname() def setup_firewall(self, port, dnsport, nslist, family, subnets, udp, - user): + user, ttl): if family not in [socket.AF_INET, socket.AF_INET6]: raise Exception( 'Address family "%s" unsupported by pf method_name' |