Docker Community Forums

Share and learn in the Docker community.

Iptables matching with docker

Hi folks

I want to use iptables to match based on UID for running container, and I’m using DSCP tagging for this. But I’m afraid I don’t know ip tables all that well, and understand what docker does to iptables even less. I hope someone can help.

This is what I was doing before using docker to DSCP tag my application by running user:
sudo iptables -t mangle -A OUTPUT -p tcp -m owner --uid-owner transmission -j DSCP --set-dscp 0x10

I’m afraid now I don’t know how to replicate this functionality.

Indeed, processes running under user “transmission” that are not running in docker do indeed get tagged properly.