We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
moby
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 56da020e6b
Branches Tags
moby
/
vendor
/
github.com
/
docker
/
libnetwork
/
firewall_linux.go

firewall_linux.go 827 B
History Raw

1234567891011121314151617181920212223242526272829 
  1. package libnetwork
    2. 

  2. 

  3. import (
    4. 

  4. 	"github.com/Sirupsen/logrus"
    5. 

  5. 	"github.com/docker/libnetwork/iptables"
    6. 

  6. )
    7. 

  7. 

  8. const userChain = "DOCKER-USER"
    9. 

  9. 

  10. // This chain allow users to configure firewall policies in a way that persists
    11. 

  11. // docker operations/restarts. Docker will not delete or modify any pre-existing
    12. 

  12. // rules from the DOCKER-USER filter chain.
    13. 

  13. func arrangeUserFilterRule() {
    14. 

  14. 	_, err := iptables.NewChain(userChain, iptables.Filter, false)
    15. 

  15. 	if err != nil {
    16. 

  16. 		logrus.Warnf("Failed to create %s chain: %v", userChain, err)
    17. 

  17. 		return
    18. 

  18. 	}
    19. 

  19. 

  20. 	if err = iptables.AddReturnRule(userChain); err != nil {
    21. 

  21. 		logrus.Warnf("Failed to add the RETURN rule for %s: %v", userChain, err)
    22. 

  22. 		return
    23. 

  23. 	}
    24. 

  24. 

  25. 	err = iptables.EnsureJumpRule("FORWARD", userChain)
    26. 

  26. 	if err != nil {
    27. 

  27. 		logrus.Warnf("Failed to ensure the jump rule for %s: %v", userChain, err)
    28. 

  28. 	}
    29. 

  29. }
    30.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5