How to restrict access of <port> for all interfaces except eth0

chetuneve · August 24, 2021, 7:20pm

I am running a service inside docker container which is running on host [“network_mode”: “host”] mode.
I want to restrict the access of from all available interfaces except “eth0”. Is there any way to do the same through docker-compose?

terpz · August 25, 2021, 7:47am

Hi

No, since you’re using “host”, its like the service is running on the host itself, so if you want to restrict access, you need to create some iptables rules

chetuneve · August 30, 2021, 10:08am

I see. thanks for quick reply… Would you please tell me, how to write a rule for iptable to block some port for all interfaces except one (lets say eth0) ??
Thanks in advance !

terpz · August 31, 2021, 11:02am

Hi again.

Im sorry but im not that sharp on iptables rules.

Is “host mode” a requirement? because its possible to use bridge mode, only to map to a single interface/ip

Topic		Replies	Views
Docker host networking restrict network interface access General	0	934	June 12, 2018
Restrict all ports, except 443 and 80 (allow all from my ip) General	1	3417	September 13, 2019
Iptables and docker General docker	0	1197	February 29, 2016
Force all traffic for a speicifc container to go through a specific interface Compose docker , docker-compose	4	2999	September 12, 2024
Could a container bind a specific network interface to reach external network? General docker	4	17691	August 7, 2021

How to restrict access of <port> for all interfaces except eth0

Related topics