docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2112 from delfuego/patch-1 

Remove incorrect iptables-related information
This commit is contained in:
Misty Stanley-Jones 2017-03-09 15:33:32 -08:00 committed by GitHub
parent fff68e259d ee05ddfb21
commit 566110ba4e
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
engine/userguide/networking/default_network/container-communication.md
View File

@ -47,9 +47,9 @@ Docker will never make changes to your system `iptables` rules if you set
`--iptables=false` when the daemon starts. Otherwise the Docker server will
append forwarding rules to the `DOCKER` filter chain.
Docker will not delete or modify any pre-existing rules from the `DOCKER` filter
chain. This allows the user to create in advance any rules required to further
restrict access to the containers.
Docker will flush any pre-existing rules from the `DOCKER` and `DOCKER-ISOLATION`
filter chains, if they exist. For this reason, any rules needed to further
restrict access to containers need to be added after Docker has started.
Docker's forward rules permit all external source IPs by default. To allow only
a specific IP or network to access the containers, insert a negated rule at the