> > It would help to know, what level of isolation you're thinking about? > What is the final end goal? >
I'm currently looking at ways to prevent any container from having the ability to discover other containers in the network and sniff their packets sent, which if sent over an unencrypted protocol (http for example) might be harmful as it could expose data. I'm now considering setting up iptable rules on the host to achieve this but don't have much experience with iptables so will do my research now to see what is needed to setup the right iptable rules.
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
