Hi,
I see that Shorewall now supports Docker, and I read the docs:
http://shorewall.net/Docker.html
After installing it, I compared the generated iptables rules; the
differences:
- Shorewall creates more rules than Docker itself adds. Are all of these
rules really required?

- After I stop Docker, use the Shorewall-generated rules, and start Docker
again, it adds one more rule (so the others are probably enough to use
Docker). But shouldn't this rule be added by Shorewall?
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

- Without really trying to understand all the rules, the main difference is
that Shorewall accepts and masquerades all 80 and 443 connections to the Docker
network. Is this by design? By default, Docker does not create such rules.

Regards.


-- 
  Levente                               "Si vis pacem para bellum!"
