5555PORTS_TO_BLOCK="80,5555,2222"
5656EXTERNAL_INTERFACE=$1
5757
58+ # Flush an delete custom Chains
5859iptables -F DOCKER-USER
5960iptables -F EXTERNAL-ACCESS-DENY
6061iptables -X EXTERNAL-ACCESS-DENY
6162
63+ # Create a log-and-drop Chain
6264iptables -N EXTERNAL-ACCESS-DENY
6365iptables -A EXTERNAL-ACCESS-DENY -j LOG --log-prefix "DCKR-EXT-ACCESS-DENY:" --log-level 6
6466iptables -A EXTERNAL-ACCESS-DENY -j DROP
6567
68+ # Block all incomming traffic for docker
6669iptables -A DOCKER-USER -i $EXTERNAL_INTERFACE -p tcp --match multiport --dports $PORTS_TO_BLOCK -j EXTERNAL-ACCESS-DENY
70+
71+ # Restore default rule to return all the back to FORWARD-Chain
6772iptables -A DOCKER-USER -j RETURN
6873
6974echo "Rules created "
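Review bot: The comment added at new line 68, `# Block all incomming traffic for docker`, claims more than the rule below it does: that rule sends only TCP packets arriving on `$EXTERNAL_INTERFACE` for the ports in `PORTS_TO_BLOCK` to EXTERNAL-ACCESS-DENY, and everything else (other ports, UDP) reaches the final RETURN. An operator who trusts the comment could assume a container is unreachable from outside when it is not, so I would word it as `# Log and drop external TCP traffic to the ports in PORTS_TO_BLOCK`. Since DOCKER-USER is evaluated in the FORWARD path after Docker's DNAT, it is also worth stating in that comment whether the listed ports are container ports or published host ports. The typos in the other new comments (`an delete`, `all the back to`) should be fixed in the same pass.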