network: disambiguate which program the iptables option applies to

Closes #19148

Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
David Karlsson 2024-04-22 14:31:41 +02:00
parent 8ce218fbf2
commit 913e75e7d1
1 changed files with 6 additions and 5 deletions

@ -155,10 +155,11 @@ $ docker network create mybridge \
## Integration with firewalld ## Integration with firewalld
If you are running Docker with [firewalld](https://firewalld.org) If you are running Docker with the `iptables` option set to `true`, and
on your system with `--iptables` enabled, Docker automatically creates a `firewalld` [firewalld](https://firewalld.org) is enabled on your system, Docker
zone called `docker` and inserts all the network interfaces it creates (for example, automatically creates a `firewalld` zone called `docker` and inserts all the
`docker0`) into the `docker` zone to allow seamless networking. network interfaces it creates (for example, `docker0`) into the `docker` zone
to allow seamless networking.
## Docker and ufw ## Docker and ufw
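Review bot: The new opening sentence, "If you are running Docker with the `iptables` option set to `true`", still does not name the program that owns the option, which is what the commit title sets out to fix. Dropping the `--` removes the hint that this was a command-line flag, but "running Docker with the `iptables` option" can still be read as a CLI or per-container setting. Suggest naming the owner and where the option is set, for example "If the Docker daemon's `iptables` option is set to `true`, and [firewalld](https://firewalld.org) is enabled on your system, ...". Separately, "to allow seamless networking" does not tell a reader hardening the host what policy applies to interfaces placed in the `docker` zone; a short clause or link describing that would help anyone auditing their firewalld configuration.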
@ -172,4 +173,4 @@ container gets diverted before it goes through the ufw firewall settings.
Docker routes container traffic in the `nat` table, which means that packets Docker routes container traffic in the `nat` table, which means that packets
are diverted before it reaches the `INPUT` and `OUTPUT` chains that ufw uses. are diverted before it reaches the `INPUT` and `OUTPUT` chains that ufw uses.
Packets are routed before the firewall rules can be applied, Packets are routed before the firewall rules can be applied,
effectively ignoring your firewall configuration. effectively ignoring your firewall configuration.
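Review bot: Since this hunk touches the ufw paragraph, the sentence "packets are diverted before it reaches the `INPUT` and `OUTPUT` chains" has a number mismatch between "packets" and "it reaches"; suggest "before they reach". The last sentence, "Packets are routed before the firewall rules can be applied, effectively ignoring your firewall configuration", states the risk but leaves the reader without a next step; consider pointing to wherever the docs describe restricting access to published container ports, so the warning leads to a mitigation.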