I’m trying to get a container working which shall be able to control the host system’s iptables/netfilter logic.
I don’t want to have iptables running inside the container; I want to actually issue iptables commands which become active on the host where the container runs.
The iptables rules will have nothing to do with the container from where they shall be posted.
Is a scenario like that possible?
I tried something like:
docker run --privileged -ti --rm --cap-add=NET_ADMIN centos:latest bash -c "iptables -L -t nat"
but obviously it does not have the host’s iptables available…
Thanks and best regards,