Docker port mapping on CentOS 7 causes the published port to bypass the firewall and be open to the outside world.

Step 1

  • yum install iptables-services

Step 2

systemctl stop firewalld.service             # stop the firewall
systemctl disable firewalld.service          # disable firewall startup at boot
systemctl restart iptables.service           # restart the firewall for the configuration to take effect
systemctl enable iptables.service            # enable firewall startup at boot
service docker restart
service iptables save

Note: The iptables configuration is lost after iptables is restarted.

Perform the following operations to resolve the problem

# vim /etc/docker/daemon.json
{
   "iptables": false
}
sudo service docker restart
sudo service iptables restart
sudo service docker restart

Step 3

Run iptables -L DOCKER -n --line-numbers to check the IDs (rule numbers) of ports 80 and 22.

iptables -A DOCKER -p tcp -m tcp -s 0.0.0.0/0 --dport 80 -j ACCEPT
iptables -A DOCKER -p tcp -m tcp -s 0.0.0.0/0 --dport 22 -j ACCEPT
iptables -R DOCKER ID -p tcp -m tcp -s IP/MASK --dport 80 -j DROP
iptables -R DOCKER ID -p tcp -m tcp -s IP/MASK --dport 22 -j DROP
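
To check which published ports are affected, the following added example (not part of the original page) parses `iptables-save -t nat` output and lists the host ports Docker publishes through DNAT rules, which are rewritten before routing and therefore never reach the INPUT chain. The sample ruleset, container addresses and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: list host ports that Docker publishes through DNAT rules.
# Such traffic is rewritten in nat/PREROUTING and then traverses FORWARD,
# so ACCEPT/DROP rules in the INPUT chain never see it.

# Constructed sample of `iptables-save -t nat` output (not from a real host).
SAMPLE_NAT='*nat
:PREROUTING ACCEPT [0:0]
:DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A DOCKER -i docker0 -j RETURN
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.17.0.2:80
-A DOCKER -d 127.0.0.1/32 ! -i docker0 -p tcp -m tcp --dport 5432 -j DNAT --to-destination 172.17.0.3:5432
COMMIT'

# Reads iptables-save output on stdin; prints "proto hostport bindaddr target"
# for every DNAT rule in the DOCKER chain.
docker_published_ports() {
    awk '
    $1 == "-A" && $2 == "DOCKER" {
        proto = ""; port = ""; dst = "0.0.0.0/0"; target = ""; dnat = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            else if ($i == "--dport") port = $(i + 1)
            else if ($i == "-d") dst = $(i + 1)
            else if ($i == "--to-destination") target = $(i + 1)
            else if ($i == "-j" && $(i + 1) == "DNAT") dnat = 1
        }
        if (dnat && port != "") print proto, port, dst, target
    }'
}

# Keeps only the ports published for any destination address (no -d restriction).
docker_world_exposed_ports() {
    docker_published_ports | awk '$3 == "0.0.0.0/0" { print $2 "/" $1 }'
}

# On a live host (as root): iptables-save -t nat | docker_world_exposed_ports
printf '%s\n' "$SAMPLE_NAT" | docker_world_exposed_ports
```

An empty result means no Docker DNAT rule publishes a port for all destination addresses; ports bound to a specific address such as 127.0.0.1 are listed by `docker_published_ports` but filtered out of the exposed list.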