treechicken@lemmy.world to Programmer Humor@lemmy.ml · 1 year agoFirewalllemmy.worldimagemessage-square76fedilinkarrow-up1734arrow-down118
arrow-up1716arrow-down1imageFirewalllemmy.worldtreechicken@lemmy.world to Programmer Humor@lemmy.ml · 1 year agomessage-square76fedilink
minus-squarederpgon@programming.devlinkfedilinkarrow-up2·1 year agoUFW does work with Docker, but requires some tweaking. IIRC you have to disallow Docker to modify IPTables and then add a rule to forward all traffic to the Docker network of your choice. It’s a little finicky but works.
minus-squarePlexSheep@feddit.delinkfedilinkarrow-up1·1 year agoInteresting, I might have to read up on that next time. Thanks
minus-squaretux7350@lemmy.worldlinkfedilinkarrow-up1·1 year agoI ran into this same situation, this repo helped me solve it. https://github.com/chaifeng/ufw-docker#solving-ufw-and-docker-issues
minus-squareJasonDJ@lemmy.ziplinkfedilinkarrow-up1·1 year agoBut…why? Project Calico is designed for segmenting network traffic between kubernetes workloads. Right tool for the job. Also if you are a Fortinet shop, supposedly you can manage rules with FortiManager. I haven’t tried that yet but it looks really cool.
minus-squarederpgon@programming.devlinkfedilinkarrow-up1·1 year agoI was specifically talking about Docker+UFW. Of course the possibilities are endless.
UFW does work with Docker, but requires some tweaking. IIRC you have to disallow Docker to modify IPTables and then add a rule to forward all traffic to the Docker network of your choice. It’s a little finicky but works.
Interesting, I might have to read up on that next time. Thanks
I ran into this same situation, this repo helped me solve it.
https://github.com/chaifeng/ufw-docker#solving-ufw-and-docker-issues
But…why?
Project Calico is designed for segmenting network traffic between kubernetes workloads.
Right tool for the job.
Also if you are a Fortinet shop, supposedly you can manage rules with FortiManager. I haven’t tried that yet but it looks really cool.
I was specifically talking about Docker+UFW. Of course the possibilities are endless.