
I developed a kind of firewall application which dynamically manipulates iptables (creation, modification, deletion of chains, ROUTING, NATs ...). People ask me if the application is available in Docker. I am new to Docker but I think it is not possible. I am asking a few questions here to be sure.

Can a firewall application that manipulates iptables mix well with Docker installed on the same OS?

Is a Docker app able to interact with the underlying operating system (for example, to activate Linux kernel options or create iptables rules)?

benoit974
  • I don't think you can directly access the host OS kernel packages, especially to deal with iptables. But there must be a workaround. https://stackoverflow.com/questions/32756988/what-is-meant-by-shared-kernel-in-docker https://stackoverflow.com/questions/55586621/sharing-kernel-of-the-host-operating-system-while-using-docker – Sachith Muhandiram Jun 03 '20 at 04:33
  • A design goal of Docker is that container applications can't manipulate the host's network stack. I'd run this program on the host, rather than trying to circumvent all of Docker's controls. – David Maze Jun 03 '20 at 10:13

0 Answers