Add warning on port opening for docker
This commit is contained in:
parent
9898ff9e62
commit
45f04e322a
|
@ -26,6 +26,15 @@ Edit /etc/default/minifirewall file:
|
|||
* Configure your authorizations for external services : DNS, HTTP, HTTPS, SMTP, SSH, NTP
|
||||
* Add your specific rules
|
||||
|
||||
### Docker
|
||||
|
||||
To use minifirewall with docker you need to change the variable *DOCKER* from _off_ to _on_
|
||||
Then, authorisation for public/semi-public/private ports will also work for dockerized services
|
||||
|
||||
|
||||
**WARNING** : When the port mapping on the host is different than in the container (ie: listen on :8090 on the host, but the service in the container listen on :8080)
|
||||
you need to use the port used by the container (ie: 8080) in the public/semi-public/private port list
|
||||
|
||||
## Usage
|
||||
|
||||
~~~
|
||||
|
|
|
@ -12,6 +12,9 @@ IPV6=on
|
|||
# For instance, turning it on will disable nat table purge
|
||||
# Also, we'll add the DOCKER-USER chain, in iptable
|
||||
DOCKER='off'
|
||||
# WARNING : If the port mapping is different between host and container
|
||||
# (ie: Listen on :8090 on host but :8080 in container)
|
||||
# Then you need to makes the rules with the port used inside the container
|
||||
|
||||
# Trusted IPv4 local network
|
||||
# ...will be often IP/32 if you don't trust anything
|
||||
|
|
Loading…
Reference in New Issue