this post was submitted on 16 Feb 2024
714 points (97.7% liked)

Programmer Humor

32483 readers
415 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 9 months ago (2 children)

UFW does work with Docker, but requires some tweaking. IIRC you have to disallow Docker to modify IPTables and then add a rule to forward all traffic to the Docker network of your choice. It's a little finicky but works.

[–] [email protected] 1 points 9 months ago (1 children)

Interesting, I might have to read up on that next time. Thanks

[–] tux7350 1 points 9 months ago

I ran into this same situation, this repo helped me solve it.

https://github.com/chaifeng/ufw-docker#solving-ufw-and-docker-issues

[–] [email protected] 1 points 9 months ago (1 children)

But…why?

Project Calico is designed for segmenting network traffic between kubernetes workloads.

Right tool for the job.

Also if you are a Fortinet shop, supposedly you can manage rules with FortiManager. I haven’t tried that yet but it looks really cool.

[–] [email protected] 1 points 9 months ago

I was specifically talking about Docker+UFW. Of course the possibilities are endless.