iptables, docker and the defender

Docker containers wrap a piece of software in a complete filesystem that contains everything needed to run: code, runtime, system tools, system libraries – anything that can be installed on a server. This guarantees that the software will always run the same, regardless of its environment.

Leicester
Posts: 2
Joined: Tue Jan 30, 2018 4:21 am

iptables, docker and the defender

Post by Leicester »

Hi,
first I have to thank you for the Docker app, it's really great!

But I do have the following issue:
On a regular basis (daily), the iptables configuration that is created/added by the docker-cmd (when a container is started) is lost/overridden. When that happens, my containers are just offline.

I use the ADM defender in DENY ALL mode with some ALLOW rules and docker with bridged networks.
When I stop and start the Docker app the missing docker-related parts are available again.
When I add/remove a rule to/from the ADM defender, the docker-related iptables configuration is deleted too. Actually, changing anything in the settings app of ADM resets the iptables too (even if the ADM defender config has not been changed).

What can I do?
Leicester
Posts: 2
Joined: Tue Jan 30, 2018 4:21 am

Re: iptables, docker and the defender

Post by Leicester »

OK, I found an okay-ish workaround. I add the containers to the host network with `--net=host`; then there are no iptables entries that could be overridden.
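
A check for the state described in this thread, where a firewall reload leaves Docker's bridge-network chains and jumps missing (an added example, not part of the original posts): it reads `iptables-save` output and lists which pieces are absent. The two sample rulesets are constructed, the function names are hypothetical, and the availability of `iptables-save` on ADM is an assumption.

```shell
#!/bin/sh
# Added example (not from the thread). Reads `iptables-save` text on stdin and
# prints one line per Docker bridge-network piece that is absent.
# Assumed usage on the host, as root: iptables-save | docker_rules_missing
docker_rules_missing() {
    awk '
        /^\*/ { table = substr($0, 2); next }      # table header, e.g. "*nat"
        /^:/  { split(substr($0, 2), f, " ")       # chain declaration line
                chain[table ":" f[1]] = 1; next }
        table == "nat"    && /^-A PREROUTING .* -j DOCKER$/ { dnat = 1 }
        table == "filter" && /^-A FORWARD .* -j DOCKER$/    { fwd = 1 }
        table == "nat"    && /^-A POSTROUTING .* ! -o [^ ]+ -j MASQUERADE/ { masq = 1 }
        END {
            if (!chain["nat:DOCKER"])    print "nat: DOCKER chain"
            if (!chain["filter:DOCKER"]) print "filter: DOCKER chain"
            if (!dnat) print "nat: PREROUTING jump to DOCKER"
            if (!fwd)  print "filter: FORWARD jump to DOCKER"
            if (!masq) print "nat: POSTROUTING MASQUERADE for a bridge subnet"
        }'
}

# Constructed sample: ruleset while the Docker rules are in place.
sample_intact() { cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:DOCKER - [0:0]
-A FORWARD -o docker0 -j DOCKER
COMMIT
EOF
}

# Constructed sample: ruleset after a firewall reload dropped the Docker parts.
sample_flushed() { cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
-A INPUT -s 192.168.1.0/24 -j ACCEPT
COMMIT
EOF
}
```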