qaz@lemmy.world to

Programmer Humor@programming.devEnglish · 8 hours ago

Context: Docker bypasses all UFW firewall rules

295

Context: Docker bypasses all UFW firewall rules

qaz@lemmy.world to

Programmer Humor@programming.devEnglish · 8 hours ago

Docker docs:

Docker routes container traffic in the nat table, which means that packets are diverted before it reaches the INPUT and OUTPUT chains that ufw uses. Packets are routed before the firewall rules can be applied, effectively ignoring your firewall configuration.

Chat

False@lemmy.world
link
fedilink
arrow-up
13·
7 hours ago
Explicitly binding certain ports to the container has a similar effect, no?
- doughless@lemmy.world
  link
  fedilink
  arrow-up
  1·
  1 hour ago
  I still need to allow the ports in my firewall when using podman, even when I bind to 0.0.0.0.
- Static_Rocket@lemmy.world
  link
  fedilink
  English
  arrow-up
  2·
  3 hours ago
  It’s better than nothing but I hate the additional logs that came from it constantly fighting firewalld.

Programmer Humor@programming.dev

programmer_humor@programming.dev

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !programmer_humor@programming.dev

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

Keep content in english
No advertisements
Posts must be related to programming or programmer topics

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

1.38K users / day
3.15K users / week
9.36K users / month
20.2K users / 6 months
1 local subscriber
26K subscribers
1.7K Posts
63.3K Comments
Modlog