
Sources for a Docker image that runs an iptables based firewall script, packaged with the required binaries for environments where iptables-restore is not present

capybara1/Docker-Firewall

Firewall

Motivation

Primarily an iptables-based firewall script, packaged with the required binaries for environments where iptables-restore is not present.

Inspirations

Articles that inspired this solution

Usage

Command Line

Assuming the desired file with the output from iptables-save is located at /etc/iptables/state:

docker run \
  --rm \
  --cap-add=NET_ADMIN \
  --net=host \
  -v /etc/iptables:/host/etc/iptables:ro \
  capybara1/firewall:1.0

Cloud-Init (RancherOS)

write_files:
- path: /etc/iptables/state
  permissions: "0400"
  owner: "root:root"
  content: |
    #insert output of iptables-save here
rancher:
  services:
    firewall:
      image: capybara1/firewall:latest
      net: host
      cap_add:
      - NET_ADMIN
      volumes:
      - /etc/iptables:/host/etc/iptables:ro
      labels:
        io.rancher.os.after: wait-for-network, console
        io.rancher.os.detach: "false"
        io.rancher.os.remove: "true"
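Because the container applies /etc/iptables/state to the host's network namespace with NET_ADMIN, it is worth linting the file before it is mounted, including on hosts that have no iptables-restore to test it with. The following is an added example, not part of this repository: `check_state` is a hypothetical helper, the sample input is constructed, and it checks only the structure of the iptables-save format (table headers, chain declarations, declared chains, COMMIT), not whether the kernel will accept each rule.

```shell
#!/bin/sh
# check_state FILE: structural lint of an iptables-save dump (hypothetical helper).
# Prints one line per problem; returns 0 when the file is clean, 1 otherwise.
check_state() {
  awk '
    function err(msg) { printf "line %d: %s\n", NR, msg; bad = 1 }
    /^[ \t]*$/ || /^#/ { next }                      # blank lines, comments
    /^\*/ {                                          # table header: *filter
      if (table != "") err("table " table " is missing COMMIT")
      table = substr($0, 2); tables++; split("", chains); next
    }
    table == "" { err("content outside a table block"); next }
    /^:/ {                                           # :CHAIN POLICY [pkts:bytes]
      if ($0 !~ /^:[^ ]+ (ACCEPT|DROP|-) \[[0-9]+:[0-9]+\]$/)
        err("malformed chain declaration")
      else
        chains[substr($1, 2)] = 1
      next
    }
    $0 == "COMMIT" { table = ""; next }
    { sub(/^\[[0-9]+:[0-9]+\] /, "") }               # counters from iptables-save -c
    $1 == "-A" {                                     # rule must use a declared chain
      if (!($2 in chains)) err("rule appends to undeclared chain " $2)
      next
    }
    { err("unrecognised line") }
    END {
      if (table != "") err("table " table " is missing COMMIT")
      if (tables == 0) err("no table found")
      exit (bad ? 1 : 0)
    }
  ' "$1"
}

# Constructed sample with two defects: an undeclared chain and no COMMIT.
sample=$(mktemp)
cat > "$sample" <<'EOF'
*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A SSH-IN -p tcp --dport 22 -j ACCEPT
EOF
check_state "$sample" || echo "state file rejected"
rm -f "$sample"
```
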
