From 06fb93e0f07b878b0c377fe6d14d83be12c37c17 Mon Sep 17 00:00:00 2001
From: "Paul \"TBBle\" Hampson" <Paul.Hampson@Pobox.com>
Date: Mon, 20 Jul 2020 23:55:22 +1000
Subject: [PATCH] Reject host-mode networking on Windows

The flag was being silently ignored, and so no network setup was done,
and no notice given.

Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
---
 cmd/ctr/commands/run/run_windows.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/cmd/ctr/commands/run/run_windows.go b/cmd/ctr/commands/run/run_windows.go
index d0e4ad934..1fc9904ab 100644
--- a/cmd/ctr/commands/run/run_windows.go
+++ b/cmd/ctr/commands/run/run_windows.go
@@ -25,6 +25,7 @@ import (
 	"github.com/containerd/containerd/cmd/ctr/commands"
 	"github.com/containerd/containerd/oci"
 	specs "github.com/opencontainers/runtime-spec/specs-go"
+	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 	"github.com/urfave/cli"
 )
@@ -107,6 +108,9 @@ func NewContainer(ctx gocontext.Context, client *containerd.Client, context *cli
 			}
 			opts = append(opts, oci.WithTTYSize(int(size.Width), int(size.Height)))
 		}
+		if context.Bool("net-host") {
+			return nil, errors.New("Cannot use host mode networking with Windows containers")
+		}
 		if context.Bool("isolated") {
 			opts = append(opts, oci.WithWindowsHyperV)
 		}