One reason the accepted solution works for some people but not for others lies in a design issue of firewalld. Firewalld only processes the first matching zone for any connection. It also processes zones based on IP address before zones based on interfaces. As long as any of your zones happens to include the IP addresses Docker is using, the ACCEPT rule in the trusted zone will never get processed. To verify this, you can look at the generated iptables rules, unless you are using the nftables backend: `iptables -vnL | less`

The solution is to use a firewalld direct rule instead of the trusted zone.
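The zone-selection behaviour described above, as an added example that is not part of the original page: a simplified Python model of the two rules (source-based zones before interface-based zones, first match wins), not firewalld's own code. The zone layout, the `internal` zone's source range and the use of Docker's default bridge subnet `172.17.0.0/16` are constructed assumptions, and source zones are assumed to be checked in list order.

```python
import ipaddress

# Constructed sample configuration (not taken from a real host).
ZONES = [
    {"name": "internal", "sources": ["172.16.0.0/12"], "interfaces": []},
    {"name": "public", "sources": [], "interfaces": ["eth0"]},
    {"name": "trusted", "sources": [], "interfaces": ["docker0"]},
]


def select_zone(zones, src_ip, in_iface, default="public"):
    """Return (zone_name, reason) for a packet under the two rules above."""
    addr = ipaddress.ip_address(src_ip)
    # Source-based (IP address) zones are consulted before interface zones.
    for zone in zones:
        for cidr in zone["sources"]:
            if addr in ipaddress.ip_network(cidr):
                # First matching zone wins; no later zone is evaluated.
                return zone["name"], f"source {cidr}"
    for zone in zones:
        if in_iface in zone["interfaces"]:
            return zone["name"], f"interface {in_iface}"
    return default, "default zone"


def shadowing_sources(zones, docker_subnet):
    """List (zone, cidr) source bindings that overlap the Docker subnet."""
    net = ipaddress.ip_network(docker_subnet)
    return [
        (zone["name"], cidr)
        for zone in zones
        for cidr in zone["sources"]
        if net.overlaps(ipaddress.ip_network(cidr))
    ]


if __name__ == "__main__":
    # A container packet arriving on docker0 never reaches the trusted zone.
    print(select_zone(ZONES, "172.17.0.2", "docker0"))
    # The source binding responsible for the shadowing.
    print(shadowing_sources(ZONES, "172.17.0.0/16"))
```

Replacing `ZONES` with the sources and interfaces of your own zones shows which source binding, if any, takes container traffic away from the trusted zone.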