Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add iptables allow rules for mgmt bridge in the ingress direction #2405

Closed
hellt opened this issue Jan 17, 2025 · 1 comment
Closed

Add iptables allow rules for mgmt bridge in the ingress direction #2405

hellt opened this issue Jan 17, 2025 · 1 comment

Comments

@hellt
Copy link
Member

hellt commented Jan 17, 2025

After #2397 and #2401 we add the following rule (v4 example):

❯ sudo iptables -vnL DOCKER-USER                                   
Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination         
 5021  384K ACCEPT     0    --  *      br-6fd1260303e1  0.0.0.0/0            0.0.0.0/0            /* set by containerlab */
  878 1329K RETURN     0    --  *      *       0.0.0.0/0            0.0.0.0/0

since the mgmt bridge is only specified in the outgoing direction, the traffic from another docker network targeting clab network will still be blocked; we need an allow rule also in the in direction
@hellt
Copy link
Member Author

hellt commented Jan 17, 2025

done in #2406

@hellt hellt closed this as completed Jan 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@hellt