# The following settings require a restart of docker to take full effect, A reload will only have partial or no effect:
# bip
# blocked_interfaces
# extra_iptables_args
# device

config globals 'globals'
#	option alt_config_file "/etc/docker/daemon.json"
	option data_root "/opt/docker/"
	option log_level "warn"
	list hosts "unix:///var/run/docker.sock"
	option bip "172.18.0.1/24"
#	option iptables "0"
#	list registry_mirrors "https://<my-docker-mirror-host>"
#	list registry_mirrors "https://hub.docker.com"

# Docker ignores fw3 rules and by default all external source IPs are allowed to connect to the Docker host.
# See https://docs.docker.com/network/iptables/ for more details.
# firewall config changes are only additive i.e firewall will need to be restarted first to clear old changes,
# then docker restarted to load in new changes.
config firewall 'firewall'
	option device 'docker0'
	list blocked_interfaces 'wan'
#	option extra_iptables_args '--match conntrack ! --ctstate RELATED,ESTABLISHED' # allow outbound connections