Hi everyone. I am setting up my firewall and want to close services, which are open in Docker too, in one place.
So, my rules look like this:
Code:
nft add table inet PREROUTING
nft 'add chain inet PREROUTING lower_filter { type filter hook prerouting priority -130; policy drop; }'
nft add rule inet PREROUTING lower_filter ct state established,related counter accept
nft add rule inet PREROUTING lower_filter ct state invalid counter drop
nft add rule inet PREROUTING lower_filter counter
It works fine for the local machine. But, when I go to the container:
Code:
docker run -it debian:stable /bin/bash
The Internet doesn't work:
Code:
root@7c791721f0c5:/# apt update
0% [Connecting to deb.debian.org]
It seems this rule doesn't work:
Code:
nft add rule inet PREROUTING lower_filter ct state established,related counter accept
How could I fix this?
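
The ruleset from the post in `nft -f` file form with one rule added, as an example that is not part of the original post. The host's own outbound packets leave through the output hook, so only their replies reach this chain and match `established,related`. A container's first packet arrives on the bridge interface and crosses prerouting in state `new`, where it falls through to `policy drop`. The interface name `docker0` (Docker's default bridge) is an assumption; the post does not name it.

```nft
#!/usr/sbin/nft -f
# Added example, not from the original post.
# Assumption: containers sit on Docker's default bridge, docker0.

# Replace the table in one transaction so rules are not duplicated on reload.
add table inet PREROUTING
delete table inet PREROUTING

table inet PREROUTING {
    chain lower_filter {
        # Priority -130 runs after conntrack (-200) and before DNAT (-100),
        # so ct state is available and published container ports are still
        # filtered here before Docker's port mapping rewrites the destination.
        type filter hook prerouting priority -130; policy drop;

        # Replies to connections that were already allowed out.
        ct state established,related counter accept
        ct state invalid counter drop

        # Added rule: let containers open new outbound connections.
        # Matching on the input interface keeps new connections arriving
        # from outside on the external interface under policy drop.
        iifname "docker0" ct state new counter accept

        # Counts whatever is about to hit the drop policy.
        counter
    }
}
```

After loading, `nft list chain inet PREROUTING lower_filter` shows the per-rule counters, which tells you whether container traffic matches the added rule or still reaches the final `counter`.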