-
Notifications
You must be signed in to change notification settings - Fork 75
Applying ACLPolicy for HNSEndpoint is broken in WindowsServer2025 #616
Description
Describe the bug
When I create an ACLPolicy for HNSEndpoint, it fails to apply in Windows Server 2025 Containers. This behavior works as expected in Windows Server 2019. It's unclear what has changed in the latest version of Windows Server to break this behavior. The lack of being able to apply ACLPolicy for NAT indicates that containers on Windows Server 2025 can talk to any internal IP. For context, we have been able to shield containers from reaching internal IPs in Windows Server 2019, but we've lost this ability in Windows Server 2025.
To Reproduce
- Create container-1 in docker, capture the IP-Address, and run a simple web server on port 8080
- Create container-2 in docker, capture the IP-Address
- If you curl.exe container-1:8080 (from inside container-2), you should see the response from the server. That's expected because by default there is not ACLPolicy.
- Run
Get-HNSEndpointon the host to get the Endpoint-ID for container-2 - Execute acl-policy.exe (a simple binary that sets ACLPolicy) e.g.
c:\acl-policy.exe endoint-id-from-step-4 ip-address-for-container-2 ip-address-for-container-1. This will create an ACLPolicy to Block Outgoing traffic from container-2 to container-1. - Re-run the
curl.exefrom step 3 and you still see container-2 is able to talk to container-1
Expected behavior
When I re-run the curl.exe in container-2 I expect to see an error after setting the ACLPolicy
Configuration:
- Edition: Windows Server
- Base Image being used: Windows Server Core
- Container engine: docker
- Container Engine version N/A
Additional context
Simple acl-policy binary:
package main import ( "fmt" "os" "encoding/json" "github.com/Microsoft/hcsshim" ) func main() { endpointId := os.Args[1] source := os.Args[2] dest := os.Args[3] endpoint, err := hcsshim.GetHNSEndpointByID(endpointId) if err != nil { fmt.Printf("ERR GetHNSEndpointByID: %+v\n", err.Error()) os.Exit(1) } acl := &hcsshim.ACLPolicy{ Type: hcsshim.ACL, Action: hcsshim.Block, Direction: hcsshim.Out, Protocol: uint16(256), LocalAddresses: source, RemoteAddresses: dest, } policy, err := json.Marshal(acl) if err != nil { fmt.Printf("ERR json.Marshal: %+v\n", err.Error()) os.Exit(1) } endpoint.Policies = append(endpoint.Policies, policy) _, err = endpoint.Update() if err != nil { fmt.Printf("ERR endpoint.Update: %+v\n", err.Error()) os.Exit(1) } fmt.Printf("Updated endpoint to BLOCK %s from %s\n", dest, source) }
Simple WebServer in powershell for container-1:
$listener = New-Object System.Net.HttpListener $listener.Prefixes.Add("http://+:8080/") $listener.Start() Write-Host "Listening on http://+:8080/" while ($listener.IsListening) { $context = $listener.GetContext() $request = $context.Request $response = $context.Response $response.ContentType = "text/plain" $response.StatusCode = 200 $response.StatusDescription = "OK" $output = $response.OutputStream $writer = New-Object System.IO.StreamWriter($output) $writer.Write("Hello from PowerShell Server!") $writer.Flush() $writer.Close() } $listener.Stop()