Home A - Z
Page Index

Commit 362dc6

2024-12-17 19:03:47 Steven Anderson: initial docker page
/dev/null .. scriptfu/docker/iptables.md
@@ 0,0 1,7 @@
+ # Iptables
+
+ #### Block Outside Access to Docker But Allow localhost
+ Without the `-m state` rule above the `DROP` rule, outside access is blocked, but traffic initiated from docker won't return.
+
+ -A DOCKER-USER -m state --state RELATED,ESTABLISHED -j ACCEPT
+ -A DOCKER-USER ! -s 127.0.0.1/32 -i eth0 -j DROP
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9