kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests 2 Releases Activity

bundles/docker-engine: do not put containers on the host network

Browse source
This commit is contained in:
Franzi 2025-02-15 10:32:56 +01:00
parent aae1e8397e
commit 463443e1e3
Signed by: kunsi
GPG key ID: 12E3D2136B818350
2 changed files with 15 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

13
bundles/docker-engine/metadata.py
View file

@ -18,6 +18,19 @@ defaults = {
'/var/opt/docker-engine',
},
},
'nftables': {
'forward': {
'docker-engine': [
'ct state { related, established } accept',
'iifname docker0 accept',
],
},
'postrouting': {
'docker-engine': [
'iifname docker0 masquerade',
],
},
},
'hosts': {
'entries': {
'172.17.0.1': {