I am trying to use Docker on Windows 10. Our company uses Symantec Endpoint Protection for security. When I tried to run ‘docker-compose up’, I was getting a popup that the firewall was blocking Docker from file sharing with the containers.
I was able to get around this problem by adding Application Exceptions to Symantec. Since I wasn’t sure which programs I would need in order to be able to share, I added all of the executables and DLLs to the exception list. This caused the problem to go away.
However, I really hate to have such a huge list specified as exceptions. I was just wondering if anyone would know which programs and/or DLLs need file sharing in order to work?
Would you be able to provide a list of what you did end up whitelisting? Also, are you able to retrieve any sort of logs from SEP that would indicate what it is actually blocking?
I ended up whitelisting every executable and DLL, because I didn’t want to waste time on trial and error.
C:\Program Files\Docker\Docker\Bugsnag.dll
C:\Program Files\Docker\Docker\concrt140.dll
C:\Program Files\Docker\Docker\Docker for Windows.exe
C:\Program Files\Docker\Docker\Docker.Backend.dll
C:\Program Files\Docker\Docker\Docker.Core.dll
C:\Program Files\Docker\Docker\Docker.Win32Helpers.dll
C:\Program Files\Docker\Docker\Docker.WPF.dll
C:\Program Files\Docker\Docker\DockerCli.exe
C:\Program Files\Docker\Docker\InstallerCli.exe
C:\Program Files\Docker\Docker\Microsoft.Management.Infrastructure.dll
C:\Program Files\Docker\Docker\Microsoft.Web.Infrastructure.dll
C:\Program Files\Docker\Docker\msvcp140.dll
C:\Program Files\Docker\Docker\Newtonsoft.Json.dll
C:\Program Files\Docker\Docker\NLog.dll
C:\Program Files\Docker\Docker\System.Management.Automation.dll
C:\Program Files\Docker\Docker\System.Net.Http.Formatting.dll
C:\Program Files\Docker\Docker\System.Web.Http.dll
C:\Program Files\Docker\Docker\System.Web.Mvc.dll
C:\Program Files\Docker\Docker\System.Web.Razor.dll
C:\Program Files\Docker\Docker\System.Web.WebPages.Deployment.dll
C:\Program Files\Docker\Docker\System.Web.WebPages.dll
C:\Program Files\Docker\Docker\System.Web.WebPages.Razor.dll
C:\Program Files\Docker\Docker\vccorlib140.dll
C:\Program Files\Docker\Docker\vcruntime140.dll
Unfortunately, when I run ‘docker-compose up’, I’m not seeing any messages in the Symantec logs, the process just hangs trying to bring up one of the containers.
I first ran into the firewall issue when I tried to share my C drive in Docker. That’s when I got a popup that there was a firewall issue. My bad, I did not look at the Symantec logs when that happened, and they have rolled over since then. I tried adding the ‘Docker for Windows.exe’ to the whitelist, but that didn’t make a difference. However, I cannot seem to duplicate that problem now, even after renaming all the files in the whitelist. So maybe I had a typo or something. It’s possible that maybe that one entry is all I need.
Which SEP (Symantec) version are you using?
I’m using the latest version of docker and our company uses SEP 12.1. I have created a lot of exceptions but I always get the same error after extracting the image.