8/30/2023 0 Comments Iptables reload![]() ![]() Unfortunately I am under the water at the moment. What would be the best way to allow a container to access a port from another container without fixed ips, I thought about iptable through network something went Thank you for using this! I just wanted to acknowledge that I saw your comments but I want to take time to read them in order for me to better reply to you. The proxy can't reach/does not get a response from the other container via his exposed port via 8080:80 (in another docker network). I even put /sbin/iptables -t nat -A DOCKER-BLOCK -p tcp -m tcp -dport 8080 -m state -state NEW,ESTABLISHED -j DOCKER (the port that the container should reach) but it didnt work, only after I exposed the port in the second place where we should add lines. Problem, with this script the proxy can't reach an exposed port from another container. As I dont want to hassle with the ips of the containers I use another local interface for that, that has nothing to do with docker. ![]() ![]() I have a docker that uses -p 80:80 and I can access it via the internet, but the container itself then filters traffic based on the source ip and then forwards this (proxy server) to another port on an interface locally. Thanks for your nice script I finally found something that works easily :)īut I have some caviats about source ips: # Remove the blocking rule, which should be unreachable after deploy_docker_block anyway deploy_docker_block +/sbin/iptables -t nat -I PREROUTING -m addrtype -dst-type LOCAL -g DOCKER-BLOCK ![]() After this, the flow is restored to DOCKER-BLOCK # If rules were already installed, it would mean that the second and third -38,7 +37,7 while true do # Delete installed rules, we need to ensure they always are at the top # You only need to add one rule if the traffic goes to the containerĬWD= $(cd " $(dirname " $ || true +install_docker_block # SEE You need to add rules in DOCKER-BLOCK AND INPUT for traffic that does not go to a container. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |