Hi Tom,
I'm just working through this.
I'm a bit new to both Docker and Shorewall!
I think there's a minor typo in the patch file on line 60. ' > &3'
should be '>&3', or the script errors.
First I ran against Docker version 18.03.0-ce as a regression test.
I fixed the patch file inside the container and 'shorewall restart' ran OK.
I noticed that the DOCKER-USER chain was removed, however I don't
currently use it, so this might not be a problem.
On upgrading to Docker version 18.06.1-ce, the unpatched Shorewall
removed the ISOLATION chains as expected.
After applying the patch, the ISOLATION rules were retained, although
again the DOCKER-USER chain was removed.
Further, I was able to both create new networks both manually and also
as part of spinning up a new container.
The patch seems to have worked (subject to the typo), so many thanks for
your prompt help.
Regards,
Tony.
On 26/10/2018 21:23, Tom Eastep wrote:
Attached is a patch that applies with offsets to 5.1.11.1.
. /usr/share/shorewall/shorewallrc
. cd $PERLDIR/Shorewall/
. patch -p4 < path/to/DOCKER-ISOLATION.patch
Please let me know how it works.
Thanks,
-Tom
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
