Connecting to a server in the namespace from outside the namespace

[realh]

I'd like to run transmission-daemon in the openvpn protected namespace, and be able to access its web UI (on port 9091) directly from my LAN. I thought I should be able to access it over the loopback device on localhost, and use ssh port forwarding to access it from other machines. It's not working though. The connection is always refused, even if I try from localhost. I also tried running a simple python http server in the protected namespace, and that port is refused too, so the problem seems to be that the namespace's lo is isolated from the rest of the system. Any ideas?

[slingamn]

This is tricky, yeah. The best thing is if you can get it to expose a web listener on a unix domain socket, but it sounds like that's not implemented: transmission/transmission#441

The best approach is probably to use one or more socat(1) instances. See the answers here: https://unix.stackexchange.com/questions/257510/port-forwarding-to-application-in-network-namespace-with-vpn

[realh]

Thanks. That stackexchange post is very useful, looks like I'll be able to solve this with just a little copy & paste with a change of port number.