設定僅有指定IP訪問容器的設定(僅作紀錄)
iptables -I DOCKER-USER 1 -m state –state ESTABLISHED,RELATED -j ACCEPT
iptables -I DOCKER-USER 2 -i eth0 -s A IP -p tcp –dport 11111 -j ACCEPT
iptables -I DOCKER-USER 3 -i eth0 -s B IP -p tcp –dport 11111 -j ACCEPT
iptables -A DOCKER-USER -i eth0 -p tcp –dport 11111 -j DROP
如不需要可以執行以下清除
清除所有DOCKER-USER 防火牆設定
iptables -F DOCKER-USER
Be First to Comment