Good idea, can you please copy pasta that as a GitHub issue so I can track it? Thanks! For now you could set up custom iptables rules as described there: https://github.com/qdm12/gluetun/wiki/Advanced-setup#custom-iptables-rules
Hello,
I wonder if there is an easy way to block connected containers (--network=container:gluetun) from being able to access the host (172.17.0.1) and possibly all other containers on the same subnet (172.17.0.0/24).
This way, I am trying to avoid spreading in case a connected container gets "invaded", e.g. due to a vulnerability and the host is running apps which listen on 0.0.0.0 - that would make them also accessible on 172.17.0.1.
For now, I always have to modify iptables and track states inside gluetun. Maybe it would be user friendly to add an env option to block host (and subnet) access.
Thanks & Regards
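
The manual approach described in the post above (iptables rules with state tracking inside the shared network namespace), as an added example that is not part of the original post or gluetun's own code. The function names and the `APPLY` and `BRIDGE_SUBNET` variables are hypothetical, and the subnet is the one quoted in the post.

```shell
#!/bin/sh
# Added example: stop containers that share gluetun's network namespace from
# opening new connections to the Docker bridge subnet (which includes the host
# address 172.17.0.1). Traffic routed out via the gateway is not affected,
# because its destination IP is outside the subnet.

BRIDGE_SUBNET="${BRIDGE_SUBNET:-172.17.0.0/24}"

# Print the iptables commands, one per line, in the order they must run.
# Both rules are inserted at the top of OUTPUT so they are evaluated before
# any existing rule that accepts traffic to the local subnet (assumption).
block_bridge_rules() {
    subnet="$1"
    # Accept only digits, dots and a single slash before building commands.
    case "$subnet" in
        *[!0-9./]*|*/*/*|"") echo "invalid subnet: $subnet" >&2; return 1 ;;
        *.*.*.*/*) ;;
        *) echo "invalid subnet: $subnet" >&2; return 1 ;;
    esac
    # Position 1: replies on connections that the host or a peer opened to a
    # published port stay allowed (this is the state tracking part).
    echo "iptables -I OUTPUT 1 -d $subnet -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Position 2: everything else addressed to the subnet is dropped, so a
    # compromised container cannot reach services listening on 0.0.0.0.
    echo "iptables -I OUTPUT 2 -d $subnet -j DROP"
}

# Dry run by default. Set APPLY=1 and run as root inside the gluetun
# network namespace to install the rules.
apply_rules() {
    block_bridge_rules "$1" | while IFS= read -r rule; do
        if [ "${APPLY:-0}" = "1" ]; then
            $rule
        else
            echo "would run: $rule"
        fi
    done
}

apply_rules "$BRIDGE_SUBNET"
```

These rules only restrict outbound connections from the shared namespace; inbound connections from the host or other containers are governed by the INPUT chain and are not changed here.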