I am trying to make access to Docker containers available only from specific nodes,
therefore I added a rule to the DOCKER-USER chain like this:
The problem is that access from another host is now restricted, but from containers on the same host I can still access them.
I tried the following commands as alternatives:
iptables -I DOCKER-USER -i enp0s8 -m set ! --match-set white_list src -j DROP
iptables -I DOCKER-USER ! -s 192.168.65.90 -j DROP
iptables -I DOCKER-USER -m set ! --match-set white_list src -j DROP
And I disabled icc.
Any ideas why this is still not blocked?