Greetings,
I am using Docker with Shorewall and the two work quite well together. However,
with `docker-compose` I have run into scenarios where I must create a new
bridge.
With docker-compose, it is possible to name the new bridge. For example:
```
# docker-compose.yml
networks:
router:
driver: bridge
driver_opts:
com.docker.network.bridge.name: docker1
```
I then add `docker1` to the Shorewall `interfaces` config:
```
#ZONE INTERFACE OPTIONS
# ...
dock docker0 optional,bridge,routeback
dock docker1 optional,bridge,routeback
```
However, Shorewall will only restore `docker0` on restart, while `docker1`
iptables will be lost.
I'd like to suggest a change to the `shorewall.conf`. It would be nice if
instead of only `DOCKER=No` and `DOCKER=Yes`, we had the ability to also supply
the docker interfaces. For example, `DOCKER=docker0`, or
`DOCKER=docker0,docker1`, or perhaps a second parameter such as
`DOCKER_INTERFACES=docker0,docker1` combined with `DOCKER=Yes`. Then on
Shorewall restart, the script responsible to restoring the Docker iptables
could repeat over each interface supplied.
Unless of course I have missed something and there is another solution.
Thank you,
Connor Schlesiger
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
