I'm trying to block a specific IP address while working with Docker, but I'm having some trouble. Docker integrates with the iptables firewall, and when I try to use ufw, it seems like the deny rules are positioned in a way that doesn't interact well with Docker's setup. More specifically, Docker's chains accept incoming packets before they get routed to the ufw chains.
I'm considering creating a new chain called BLACKLIST to add the IP address and then using a RETURN rule if it doesn't match. I would have the FORWARD chain direct through BLACKLIST before reaching the Docker chains. Does this approach sound correct? Also, will these settings remain in place after a system or Docker restart?
2 Answers
Definitely give it a try and let us know what happens. It's always good to experiment with iptables, especially when using something like Docker. Good luck!
You can use the DOCKER-USER chain and add your block rule there. Just run this command: `iptables -I DOCKER-USER 1 -s <IP_ADDRESS> -j DROP`. This should effectively block the incoming traffic from that IP. Just make sure to check how to make it persistent after reboots.
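The DOCKER-USER rule from the answer above, wrapped so it can be re-run without stacking duplicate rules; this is an added example, not part of the original thread. The names `IPTABLES`, `is_ipv4`, `block_ip` and the file name `block-ip.sh` are assumptions made for the example, and 203.0.113.7 is a constructed sample address.

```shell
#!/bin/sh
# Added example: idempotent DROP rule in Docker's DOCKER-USER chain.
# IPTABLES, is_ipv4 and block_ip are names chosen for this example.
IPTABLES="${IPTABLES:-iptables}"   # overridable, e.g. for a dry run

# Accept only a plain dotted-quad IPv4 address, so nothing else
# (options, hostnames, shell metacharacters) reaches iptables.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots into $1..$n
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Insert "-s ADDR -j DROP" at position 1 of DOCKER-USER unless an
# identical rule is already there (-C exits 0 when the rule exists).
block_ip() {
    if ! is_ipv4 "$1"; then
        echo "refusing invalid IPv4 address: $1" >&2
        return 2
    fi
    if "$IPTABLES" -C DOCKER-USER -s "$1" -j DROP 2>/dev/null; then
        return 0         # already blocked; do not stack duplicates
    fi
    "$IPTABLES" -I DOCKER-USER 1 -s "$1" -j DROP
}

# Run as root: ./block-ip.sh 203.0.113.7   (constructed sample address)
if [ "$#" -gt 0 ]; then
    block_ip "$1"
fi
```

Rules inserted this way live only in the running kernel's tables, so they are gone after a reboot unless something re-applies them; because the function checks before inserting, it is safe to run again at boot once Docker has created the DOCKER-USER chain.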
