Mailinglist Archive: opensuse-factory (437 mails)

< Previous Next >
Re: [opensuse-factory] Re: Switching SuSEFirewall for iptables
  • From: Uzair Shamim <usershaman@xxxxxxxxx>
  • Date: Wed, 29 Apr 2015 11:11:43 -0400
  • Message-id: <5540F4AF.2@linux.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/28/2015 10:41 AM, Johannes Kastl wrote:
On 28.04.15 Uzair Shamim wrote:

SuSEFirewall does not detect the docker interface. It is fine
with non docker virtual interfaces (like those created by
libvirt) but it seems it does not know how to handle the
interface docker creates. So since it relies on Masquerade/port
forward on a interface basis (rather than say with iptables alone
where you can just specify the IPs) its unable to even be
configured for this.


I would also guess that restarting SuseFirewall2 completely erases
all iptable rules that docker might or might nor have set before.

At least that is what happens with libvirt rules...

Johannes




I dont think docker set any rules, but either way yes, SuSEFirewall
erases any rules that were in before. WRT libvirt you can just restart
the libvirtd service and that brings the rules back.

But now I am just using plain iptables and its working great, thanks
again to everyone for the help :)

- --
Regards,
Uzair Shamim
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBAgAGBQJVQPSvAAoJEM66EOTZRH6+4psP/iJWJWcFNtmNpqm9LU9WM0tS
lJ2M10mqTheiY6QcBjyyRJ+TPxP+xoX5o2DKk4QQ1N1fu4bCeZVH4Fu39sW1Hnck
NYGEYyX7QUOuyTKVHQIlv8rygHTZZ2UDXfpXe/JqeRL2rsU9qe9nZra3WdqL9vVo
qpGMpX/guh9i9EEkiM0TUFjE0DXY3V8aacZqLLTP9M27x3rN1TrV/m9TQdSYqEIe
sOAbr2kvfMLIESUhfefqeINQ6iFtNQc65V6dEJmqEzJvlIZyBrOJZMxoc2/S5EcW
BxYl2uifoCf3zAquJrO1JnNMZyYGMuf0HTzj9mq4elzeVr7gYpCgi+EcbKYFefof
xPmx/1ktfMl8waj15u/sG9gXJibK/B64IA2W8BOURcmbSeq4OD2zHf2tg3yYgStQ
3GEXOJ0bDB9anSc6NHXVkMdckxqs27hDZGxvMvVqQVcP2Fla88YYFQu+Xt/z0WoZ
3wMBYBw1gKble8bpElFHaPFTUvWpsASGsbBlV8tgjwl/oNmT5bggJ5vsCQZ5KtrA
R/heeIWrJX2x7jJ4+qpvGcuwBX4Qsa1r7wcQ2zxF5j4uurf3sp4dgtuzBXUlc9C9
jjeHZSEZvaUEmI9lg7mjUui9iitri470/MR63ejnqCS/EGjd9ZxdJBAFviQBgM0e
uf0ZfYJ+m08GanytMIz8
=tqe7
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >