kiorky
2013-Nov-22 10:26 UTC
docker.io and shorewall, do not clear a specific rule upon restarts
Hi, I''m playing with docker[1] with setup its own NAT rules to redirect to guests in a specific "DOCKER" chain. The problem is that it interacts with shorewall as when shorewall restarts, it will clear that "DOCKER" chain created by docker. Is there a way to tell to shorewall to let this one specific chain alone (and only this one) in place (not clear/reset it) ? - 1: (docker from http://docker.io) -- Cordialement, kiorky GPG Key FingerPrint: 0x1A1194B7681112AF Pensez à l’environnement. N’imprimez ce courriel que si vous en avez vraiment besoin. ------------------------------------------------------------------------------ Shape the Mobile Experience: Free Subscription Software experts and developers: Be at the forefront of tech innovation. Intel(R) Software Adrenaline delivers strategic insight and game-changing conversations that shape the rapidly evolving mobile landscape. Sign up now. http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk
Tom Eastep
2013-Nov-22 18:39 UTC
Re: docker.io and shorewall, do not clear a specific rule upon restarts
On 11/22/2013 2:26 AM, kiorky wrote:> Hi, > I''m playing with docker[1] with setup its own NAT rules to redirect to > guests in a specific "DOCKER" chain. > The problem is that it interacts with shorewall as when shorewall > restarts, it will clear that "DOCKER" chain created by docker. > Is there a way to tell to shorewall to let this one specific chain alone > (and only this one) in place (not clear/reset it) ?Shorewall users iptables-restore which doesn''t permit leaving a particular chain untouched. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Shape the Mobile Experience: Free Subscription Software experts and developers: Be at the forefront of tech innovation. Intel(R) Software Adrenaline delivers strategic insight and game-changing conversations that shape the rapidly evolving mobile landscape. Sign up now. http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk