@treechicken@lemmy.world to Programmer Humor@lemmy.ml • 11 months agoFirewalllemmy.worldimagemessage-square77fedilinkarrow-up1736arrow-down118
arrow-up1718arrow-down1imageFirewalllemmy.world@treechicken@lemmy.world to Programmer Humor@lemmy.ml • 11 months agomessage-square77fedilink
minus-square@derpgon@programming.devlinkfedilink2•11 months agoUFW does work with Docker, but requires some tweaking. IIRC you have to disallow Docker to modify IPTables and then add a rule to forward all traffic to the Docker network of your choice. It’s a little finicky but works.
minus-square@PlexSheep@feddit.delinkfedilink1•11 months agoInteresting, I might have to read up on that next time. Thanks
minus-square@tux7350@lemmy.worldlinkfedilink1•11 months agoI ran into this same situation, this repo helped me solve it. https://github.com/chaifeng/ufw-docker#solving-ufw-and-docker-issues
minus-square@JasonDJ@lemmy.ziplinkfedilink1•11 months agoBut…why? Project Calico is designed for segmenting network traffic between kubernetes workloads. Right tool for the job. Also if you are a Fortinet shop, supposedly you can manage rules with FortiManager. I haven’t tried that yet but it looks really cool.
minus-square@derpgon@programming.devlinkfedilink1•11 months agoI was specifically talking about Docker+UFW. Of course the possibilities are endless.
UFW does work with Docker, but requires some tweaking. IIRC you have to disallow Docker to modify IPTables and then add a rule to forward all traffic to the Docker network of your choice. It’s a little finicky but works.
Interesting, I might have to read up on that next time. Thanks
I ran into this same situation, this repo helped me solve it.
https://github.com/chaifeng/ufw-docker#solving-ufw-and-docker-issues
But…why?
Project Calico is designed for segmenting network traffic between kubernetes workloads.
Right tool for the job.
Also if you are a Fortinet shop, supposedly you can manage rules with FortiManager. I haven’t tried that yet but it looks really cool.
I was specifically talking about Docker+UFW. Of course the possibilities are endless.