whalewall icon indicating copy to clipboard operation
whalewall copied to clipboard

Published 20 hours ago verified publisher icon capnspacehook

So, I should put "iptables": false prior to installing, right?

Open MichaelVoelkel opened this issue 1 year ago • 2 comments

Question in title. I would assume that we disable what docker does because whalewall takes over. Is this correct?

MichaelVoelkel avatar Jan 01 '24 08:01 MichaelVoelkel

In particular, I wasted 1hr now because I realized your own compose file does not allow to have one container accessing the other... This happened when I turned off iptables for docker, so apparently it's not the case... But if docker creates its own iptables rules, are you not interfering with them with whalewall?

MichaelVoelkel avatar Jan 01 '24 10:01 MichaelVoelkel

I designed whalewall so that it would work with Docker's firewall rules, and it assumes they are in place. In particular the 'DOCKER-USER' chain is required to he present and whalewall checks for that. I would assume Docker would delete the rules it created when you disabled the iptables integration, but if you ran whalewall before disabling iptables for the Docker daemon it probably couldn't delete that chain as whalewall would have created a rule that used it...

If you re-enable iptables for the Docker daemon, restart it and then restart whalewall, everything should work correctly assuming whalewall is configured correctly. Let me know if that doesn't work.

capnspacehook avatar Jan 02 '24 17:01 capnspacehook