Mailinglist Archive: opensuse-factory (437 mails)

< Previous Next >
[opensuse-factory] Re: Switching SuSEFirewall for iptables
  • From: Johannes Kastl <mail@xxxxxxxxxx>
  • Date: Tue, 28 Apr 2015 16:41:02 +0200
  • Message-id: <mho65u$ndc$1@ger.gmane.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 28.04.15 Uzair Shamim wrote:

SuSEFirewall does not detect the docker interface. It is fine
with non docker virtual interfaces (like those created by
libvirt) but it seems it does not know how to handle the
interface docker creates. So since it relies on Masquerade/port
forward on a interface basis (rather than say with iptables alone
where you can just specify the IPs) its unable to even be
configured for this.


I would also guess that restarting SuseFirewall2 completely erases
all iptable rules that docker might or might nor have set before.

At least that is what happens with libvirt rules...

Johannes


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Using GnuPG with SeaMonkey - http://www.enigmail.net/

iEYEARECAAYFAlU/m/gACgkQzi3gQ/xETbKp6gCfbdURPB19EC/VUNmozXCoEhCJ
82EAn2+kt1EHNcoH4roALOocfH4vmhaM
=Lm6T
-----END PGP SIGNATURE-----

--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups