Home A - Z

Iptables

Block Outside Access to Docker But Allow localhost

Without the -m state rule above the DROP rule, outside access is blocked, but traffic initiated from docker won't return.

-A DOCKER-USER -m state --state RELATED,ESTABLISHED -j ACCEPT
-A DOCKER-USER ! -s 127.0.0.1/32 -i eth0 -j DROP
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9