Network forwarding to an instance IP with port(s) excluded

I am trying to configure network forwarding such that the host’s external IP is forwarded to an instance’s IP, but with the incus-ui’s 8443 port excluded.

So let’s say I’ve got two instances.

  • main - all ports forwarded except 8443
  • web-server - port 80 forwarded

I want the host’s IP to forward to main but exempt 8443 to access incus ui.

The network forwarding config is something like this and it works fine.

description: ""
config: {}
ports:
- description: main
  protocol: tcp
  listen_port: "1-8442,8444-65535"
  target_address: 10.221.18.7
- description: web server
  protocol: tcp
  listen_port: "80"
  target_address: 10.167.36.91
listen_address: 192.168.65.6
location: none

However, I was hoping there would be a cleaner way, that would not require listing out ports 1-8442,8444-65535 manually.

Basically, build on the following config instead and be able to exempt only port 8443.

description: ""
config: 
  target_address: 10.221.18.7
ports:
- description: web server
  protocol: tcp
  listen_port: "80"
  target_address: 10.167.36.91
listen_address: 192.168.65.6
location: none

Hey, I have to admit that it seems pretty clean to me :thinking:

Did you have another config API mind? Although I can imagine the config is unlikely to change to avoid breaking other peoples configs…

1 Like