* blocked_interfaces blocks all packets to docker0 from the given interface. This is needed because all the iptables commands dockerd adds operate before any of the fw3 generated rules. Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
# The following settings require a restart to take full effect; a reload will
# only have partial or no effect:
# option bip
# list blocked_interfaces
config globals 'globals'
# option alt_config_file "/etc/docker/daemon.json"
option data_root "/opt/docker/"
option log_level "warn"
list hosts "unix:///var/run/docker.sock"
option bip "172.18.0.1/24"
# list registry_mirrors "https://<my-docker-mirror-host>"
# list registry_mirrors "https://hub.docker.com"
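# Docker ignores fw3 rules, and by default all external source IPs are allowed
# to connect to the Docker host. See https://docs.docker.com/network/iptables/
# blocked_interfaces blocks all packets to docker0 arriving from the listed
# interfaces; this is needed because the iptables rules dockerd adds are
# evaluated before any fw3-generated rules. Keep 'wan' listed unless containers
# are meant to be reachable from that interface.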
config firewall 'firewall'
list blocked_interfaces 'wan'