docker

Docker and Iptables: You may do it wrong!

Oct 25, 2022
#tech #docker #iptables

1. Mission

If you're running Docker on a host that is exposed to the Internet (network bridge), you will probably want to restrict external access.

2. Docker network

Let's start with the fact that, on Linux, Docker manipulates iptables rules to provide network isolation. Docker installs custom iptables chains named DOCKER, DOCKER-USER and DOCKER-ISOLATION-STAGE-*, and it ensures that incoming packets are always checked by these chains first. ...