Iptables reload

2/15/2024

Now using some bash/jq we can generate the dynamic iptables rules:

```
$ bash docker_iptables -noop
```

The default network-related configuration is probably the following, although the config /etc/docker/daemon.json might not exist (and as of now you can't print the effective configuration): ' 865569da8d36

Docker in default configuration, when running in bridge mode, does manipulate iptables (a lot) unless you disable it (then you would have to configure your own NAT rules).

The best way is to restart your docker service, then it'll re-add your docker rules to iptables (on deb-based: sudo service docker restart). However, if you just want to restore those rules without restarting your service, I saved mine so you can inspect it and adjust it to work for you, then load it using sudo iptables-restore. Edit and save this to iptables-docker-ports.backup:

```
# Generated by iptables-save v1.4.21 on Thu Apr 30 20:48:42 2015
-A DOCKER -d 172.17.0.1/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
```