Changes

Jump to: navigation, search

Docker

193 bytes added, 23:10, 22 June 2018
IPtables modifications
:[[File:ClipCapIt-180623-010335.PNG|800px]]
 <pre>-A POSTROUTING -s 192.168.123.0/24 -d 224.0.0.0/24 -j RETURN-A POSTROUTING -s 192.168.123.0/24 -d 255.255.255.255/32 -j RETURN-A POSTROUTING -s 192.168.123.0/24 ! -d 192.168.123.0/24 -p tcp -j MASQUERADE --DNS and DCHP packages from the Virtual Bridges are allowed to-ports 1024-65535-A POSTROUTING -s 192.168.123.0/24 ! -d 192.168.123.0/24 -p udp -j MASQUERADE --be sent to-ports 1024-65535-A POSTROUTING -s 192.168.123.0/24 ! -d 192.168.123the host machine.0/24 -j MASQUERADE</pre> 
<pre>
-A INPUT -i virbr1 -p udp -m udp --dport 53 -j ACCEPT
</pre>
The host machine is allowed to send DHCP packages to the virtual bridges in order to configure them.
<pre>
-A OUTPUT -o virbr1 -p udp -m udp --dport 68 -j ACCEPT
-A FORWARD -o virbrDocker -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i virbrDocker -j REJECT --reject-with icmp-port-unreachable
</pre>
 
<pre>
-A POSTROUTING -s 192.168.123.0/24 -d 224.0.0.0/24 -j RETURN
-A POSTROUTING -s 192.168.123.0/24 -d 255.255.255.255/32 -j RETURN
-A POSTROUTING -s 192.168.123.0/24 ! -d 192.168.123.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535
-A POSTROUTING -s 192.168.123.0/24 ! -d 192.168.123.0/24 -p udp -j MASQUERADE --to-ports 1024-65535
-A POSTROUTING -s 192.168.123.0/24 ! -d 192.168.123.0/24 -j MASQUERADE
</pre>
Retrieved from "http://wiki.berki.org/index.php/Special:MobileDiff/1036"

Navigation menu