Support Host Network (--network host) mode on Docker Desktop for Mac and Windows · Issue #238 · docker/roadmap (original) (raw)
Tell us about your request
Right now, docker run --network host <image> is only available to Linux docker hosts. From the official documentation:
The host networking driver only works on Linux hosts, and is not supported on Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server.
Which service(s) is this request for?
Docker Desktop for Mac, Docker Desktop for Windows
Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?
Making a docker container with dynamic port mappings is not possible right now.
For example, a container that allows a user to accept connections on arbitrary ports through a netcat listener. During a network penetration test, the user may be testing outbound firewall rules and needs to dynamically accept connections on different ports in the container, eg 53, 80, 443, 1337, 9001, or any other arbitary port. The user will not know these ports before starting the container, so it's not possible for the user to run the container with docker run -p <ports> <image>.
With docker run --network=host, this could be accomplished by just using the same network schema as localhost.
Are you currently working around the issue?
The "best" workaround I know of would to add an EXPOSE 1-1000 in the Dockerfile and run the container with docker run -P <image>, which is very slow and does still limits the range of open ports. Using the full port range of EXPOSE 1-65535 hangs my terminal, so I don't know how effective it is.
The -P flag is documented here: https://docs.docker.com/network/links/#connect-using-network-port-mapping
This is not a sustainable workaround.