LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Browse Source

dockerd: Made blocked_interfaces ip rule REJECT 

* Changed from DROP to REJECT to be consistant with other firewall rules

Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
lilik-openwrt-22.03
Gerard Ryan 4 years ago
parent
f4cc4c0c70
commit
774a0e8be0
1 changed files with 2 additions and 2 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +2
    -2
      utils/dockerd/files/dockerd.init

+ 2
- 2
utils/dockerd/files/dockerd.init View File

@ -208,9 +208,9 @@ iptables_add_blocking_rule() {
# Ignore errors as it might already be present # Ignore errors as it might already be present
iptables --table filter --new DOCKER-USER 2>/dev/null iptables --table filter --new DOCKER-USER 2>/dev/null
if ! iptables --table filter --check DOCKER-USER --in-interface "${inbound}" --out-interface "${outbound}" ${extra_iptables_args} --jump DROP 2>/dev/null; then
if ! iptables --table filter --check DOCKER-USER --in-interface "${inbound}" --out-interface "${outbound}" ${extra_iptables_args} --jump REJECT 2>/dev/null; then
logger -t "dockerd-init" -p notice "Drop traffic from ${inbound} to ${outbound}" logger -t "dockerd-init" -p notice "Drop traffic from ${inbound} to ${outbound}"
iptables --table filter --insert DOCKER-USER --in-interface "${inbound}" --out-interface "${outbound}" ${extra_iptables_args} --jump DROP
iptables --table filter --insert DOCKER-USER --in-interface "${inbound}" --out-interface "${outbound}" ${extra_iptables_args} --jump REJECT
fi fi
} }


Write Preview
Loading…
Cancel
Save