Create iptables rules in CLI

  • Hello :) ,


    I'm going to make my server available from the outside. I would like to use iptables for more security.
    However, I don't want to use the graphical interface because I already have my own set of rules. Is that possible?
    I thought I would carry out these steps:

    • Create a bash script
    • Insert iptables-restore < /etc/iptables.rules, then include my iptables rules.
    • Move the iptables script to /etc/network/if-pre-up.d/ 
    • sudo chmod +x /etc/network/if-pre-up.d/iptables
    • Reboot


    Is that correct? Is there another procedure?
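
One way to write the hook from the steps above, as an added example that is not part of the original post: it checks /etc/iptables.rules before loading it. The RULES variable, the function names and the PHASE guard are choices made for this example.

```shell
#!/bin/sh
# Added example for /etc/network/if-pre-up.d/iptables (hook path from the post).
# RULES, rules_file_ok and apply_rules are names chosen for this example.
RULES="${RULES:-/etc/iptables.rules}"

# Structural check that needs neither root nor iptables: the file must be
# non-empty and every "*table" section must be closed by a COMMIT line.
rules_file_ok() {
    [ -s "$1" ] || return 1
    awk '
        /^\*/      { if (in_table) bad = 1; in_table = 1; tables++; next }
        /^COMMIT$/ { if (!in_table) bad = 1; in_table = 0; next }
        END        { exit (bad || in_table || !tables) }
    ' "$1"
}

# Parse the file with --test (nothing is committed), then load it.
# Without --noflush, iptables-restore replaces the current contents of every
# table named in the file, which includes chains Docker has created there.
apply_rules() {
    if ! rules_file_ok "$1"; then
        echo "iptables hook: $1 is missing or malformed, not loaded" >&2
        return 1
    fi
    iptables-restore --test < "$1" || return 1
    iptables-restore < "$1"
}

# ifupdown exports PHASE to hook scripts; act only in the pre-up phase so
# that sourcing this file elsewhere changes nothing.
if [ "${PHASE:-}" = "pre-up" ]; then
    apply_rules "$RULES"
fi
```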

  • Well... I think it's good for the different stages.


    However, I have another question:
    Is it necessary to manage Docker with iptables?
    When I do an iptables-save, I notice that there are already many rules about Docker.



    Is it sufficient to specify that the rules only apply to the server interface (eth0) and not to Docker's interface (docker0) when the container is in bridge mode?
    When the container is in host mode, is it connected directly to the eth0 of the server?

  • So I answer myself....
    I'm changing my perspective and I'm going to adopt a reverse-proxy strategy which seems to simplify the mess a little.
    I will try to give feedback with reverse-proxy and iptables.
