| ▲ | mrbluecoat 7 hours ago | |||||||||||||||||||||||||||||||
> Docker repurposed SLIRP, a 1990s dial-up tool originally for Palm Pilots, to avoid triggering corporate firewall restrictions by translating container network traffic through host system calls instead of network bridging. Genuinely fascinating and clever solution! | ||||||||||||||||||||||||||||||||
| ▲ | mmh0000 5 hours ago | parent | next [-] | |||||||||||||||||||||||||||||||
Until recently, Podman used slirp4net[1] for its container networking. About two years ago, they switched over to Pasta[2][3] which works quite a bit differently. [1] https://github.com/rootless-containers/slirp4netns [2] https://blog.podman.io/2024/03/podman-5-0-breaking-changes-i... [3] https://passt.top/passt/about/#pasta-pack-a-subtle-tap-abstr... | ||||||||||||||||||||||||||||||||
| ▲ | redhanuman 6 hours ago | parent | prev | next [-] | |||||||||||||||||||||||||||||||
repurposing a Palm Pilot dial-up tool to sneak container traffic past enterprise firewalls is unhinged and yet it worked the best infrastructure hacks are never clever in the moment they are just desperate that the cleverness only shows up after someone else has to maintain it. | ||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||
| ▲ | toast0 5 hours ago | parent | prev [-] | |||||||||||||||||||||||||||||||
I don't think SLIRP was originally for palm pilots, given it was released two years before. SLIRP was useful when you had a dial up shell, and they wouldn't give you slip or ppp; or it would cost extra. SLIRP is just a userspace program that uses the socket apis, so as long as you could run your own programs and make connections to arbitrary destinations, you could make a dial script to connect your computer up like you had a real ppp account. No incomming connections though (afaik), so you weren't really a peer on the internet, a foreshadowing of ubiquitous NAT/CGNAT perhaps. | ||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||