Comment on PSA: Docker nukes your firewall rules, and replaces them with its own.
Auli@lemmy.ca 9 months ago
It doesn’t nuke your rules. Just adds to them.
Kalcifer@sh.itjust.works 9 months ago
How come I don’t see my previous rules when I dump the ruleset, then? I have my rules written in /etc/nftables.conf, and they were previously applied by running # nft -f /etc/nftables.conf. Now, when I dump the current ruleset with # nft list ruleset, those previous rules aren’t there — all I see are Docker’s rules.
gorgori@lemmy.world 9 months ago
You can use a bridge network or the host network.
In bridge network it is like a NAT host. With its own firewall settings.
In host network mode, it will just open the port it needs.
Kalcifer@sh.itjust.works 9 months ago
I could be misunderstanding your comment, but you don’t seem to have answered my question of why I don’t see my rules anymore.