fz0x1/ufw-docker
1
0
Fork 0
mirror of https://github.com/chaifeng/ufw-docker.git synced 2025-06-28 06:56:13 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

sometimes we need to restart servers

Browse source
This commit is contained in:
Chai Feng 2018-08-08 23:44:12 +08:00
parent b6f325f9d1
commit d9017fd2a9
No known key found for this signature in database
GPG key ID: 2DCD9A24E523FFD2
2 changed files with 7 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

7
ufw-docker
View file

@ -62,6 +62,9 @@ function ufw-docker--allow() {
done
fi
done
if [[ "$RETVAL" -ne 0 ]]; then
err "Fail to add rule(s), cannot find the published port ${INSTANCE_PORT}/${PROTO} of instance \"${INSTANCE_NAME}\" or cannot update outdated rule(s)."
fi
return "$RETVAL"
}
@ -71,7 +74,7 @@ function ufw-docker--add-rule() {
local PORT="$3"
local PROTO="$4"
echo "allow $INSTANCE_NAME $PORT $PROTO"
echo "allow ${INSTANCE_NAME} ${PORT}/${PROTO}"
typeset -a UFW_OPTS
UFW_OPTS=(route allow proto "${PROTO}"
from any to "$INSTANCE_IP_ADDRESS" port "${PORT}"
@ -103,8 +106,8 @@ function ufw-docker--install() {
cat <<-\EOF | tee -a /etc/ufw/after.rules
# BEGIN UFW AND DOCKER
*filter
:DOCKER-USER - [0:0]
:ufw-user-forward - [0:0]
:DOCKER-USER - [0:0]
-A DOCKER-USER -j RETURN -s 10.0.0.0/8
-A DOCKER-USER -j RETURN -s 172.16.0.0/12
-A DOCKER-USER -j RETURN -s 192.168.0.0/16