Skip to content

Instantly share code, notes, and snippets.

@bmaupin

bmaupin/docker-container-network-access.md

Last active November 21, 2023 13:02
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save bmaupin/91703945275f833039edf4847d9bc28c to your computer and use it in GitHub Desktop.
Save bmaupin/91703945275f833039edf4847d9bc28c to your computer and use it in GitHub Desktop.
Download ZIP
Docker container network access
Raw
docker-container-network-access.md

Incoming access from local network

Method Docker iptables setting Firewall on? Accessible from local network
docker run --network=host -p 3306:3306 false No Yes
docker run --network=host -p 3306:3306 false Yes No
docker run -p 3306:3306 Default Yes ⚠️ Yes
docker run -p 127.0.0.1:3306:3306 Default Yes No

An alternative option would be to leave the Docker iptables as the default, leave the firewall on, and modify iptables itself à la https://stackoverflow.com/a/51741599/399105

Outgoing access to internet

Method Docker iptables setting Outgoing access to internet
docker run --rm -it alpine apk add curl Default Yes
docker run --rm -it alpine apk add curl false No? (test again to confirm)
docker run --network=host --rm -it alpine apk add curl false
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment