Fohlen · October 13, 2018 09:04
diff --git a/rules b/rules
 # Put in /etc/ufw/after.rules

 # Put Docker behind UFW
 *filter
 :DOCKER-USER - [0:0]
 :ufw-user-input - [0:0]

 -A DOCKER-USER -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 -A DOCKER-USER -m conntrack --ctstate INVALID -j DROP
 -A DOCKER-USER -i eth0 -j ufw-user-input
 -A DOCKER-USER -i eth0 -j DROP
 COMMIT
	# Put in /etc/ufw/after.rules

	# Put Docker behind UFW
	*filter
	:DOCKER-USER - [0:0]
	:ufw-user-input - [0:0]

	-A DOCKER-USER -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
	-A DOCKER-USER -m conntrack --ctstate INVALID -j DROP
	-A DOCKER-USER -i eth0 -j ufw-user-input
	-A DOCKER-USER -i eth0 -j DROP
	COMMIT