Iptables matching with docker

bluenote73 · August 14, 2019, 12:32am

Hi folks

I want to use iptables to match based on UID for running container, and I’m using DSCP tagging for this. But I’m afraid I don’t know ip tables all that well, and understand what docker does to iptables even less. I hope someone can help.

This is what I was doing before using docker to DSCP tag my application by running user:
sudo iptables -t mangle -A OUTPUT -p tcp -m owner --uid-owner transmission -j DSCP --set-dscp 0x10

I’m afraid now I don’t know how to replicate this functionality.

Indeed, processes running under user “transmission” that are not running in docker do indeed get tagged properly.

thanks

Topic		Replies	Views
Odd change from 1.10.3 to 1.11.0: external host iptables rules being ignored General	1	1175	April 21, 2016
Host iptables in container General docker , amazonwebservices	2	10949	October 18, 2017
Docker Containerization of IPTables Complexity -- Simplification Request Feature Requests	4	993	February 27, 2021
Is the root user (UID 0) inside container mapped to root user on host machine? Docker Desktop macos	9	396	December 9, 2024
Iptables with docker-user, release connections with the container itself General	3	1170	February 6, 2023

Iptables matching with docker

Related topics