From ca15cb0d81a0b89b656b96858648730b328830a1 Mon Sep 17 00:00:00 2001
From: "Paul \"TBBle\" Hampson" <Paul.Hampson@Pobox.com>
Date: Mon, 20 Jul 2020 23:54:29 +1000
Subject: [PATCH 1/2] Fix incorrect (cut-and-paste) method comment

Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
---
 oci/spec_opts_windows.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/oci/spec_opts_windows.go b/oci/spec_opts_windows.go
index 47caf1925..d5004abb1 100644
--- a/oci/spec_opts_windows.go
+++ b/oci/spec_opts_windows.go
@@ -52,7 +52,7 @@ func WithWindowsIgnoreFlushesDuringBoot() SpecOpts {
 	}
 }
 
-// WithWindowNetworksAllowUnqualifiedDNSQuery sets `Windows.IgnoreFlushesDuringBoot`.
+// WithWindowNetworksAllowUnqualifiedDNSQuery sets `Windows.Network.AllowUnqualifiedDNSQuery`.
 func WithWindowNetworksAllowUnqualifiedDNSQuery() SpecOpts {
 	return func(_ context.Context, _ Client, _ *containers.Container, s *Spec) error {
 		if s.Windows == nil {

From 06fb93e0f07b878b0c377fe6d14d83be12c37c17 Mon Sep 17 00:00:00 2001
From: "Paul \"TBBle\" Hampson" <Paul.Hampson@Pobox.com>
Date: Mon, 20 Jul 2020 23:55:22 +1000
Subject: [PATCH 2/2] Reject host-mode networking on Windows

The flag was being silently ignored, and so no network setup was done,
and no notice given.

Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
---
 cmd/ctr/commands/run/run_windows.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/cmd/ctr/commands/run/run_windows.go b/cmd/ctr/commands/run/run_windows.go
index d0e4ad934..1fc9904ab 100644
--- a/cmd/ctr/commands/run/run_windows.go
+++ b/cmd/ctr/commands/run/run_windows.go
@@ -25,6 +25,7 @@ import (
 	"github.com/containerd/containerd/cmd/ctr/commands"
 	"github.com/containerd/containerd/oci"
 	specs "github.com/opencontainers/runtime-spec/specs-go"
+	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 	"github.com/urfave/cli"
 )
@@ -107,6 +108,9 @@ func NewContainer(ctx gocontext.Context, client *containerd.Client, context *cli
 			}
 			opts = append(opts, oci.WithTTYSize(int(size.Width), int(size.Height)))
 		}
+		if context.Bool("net-host") {
+			return nil, errors.New("Cannot use host mode networking with Windows containers")
+		}
 		if context.Bool("isolated") {
 			opts = append(opts, oci.WithWindowsHyperV)
 		}