MISTBORN-DOCKER-USER chain

5 years ago · 259befc961
1 changed files with 13 additions and 1 deletions
--- a/scripts/subinstallers/iptables_docker.sh
+++ b/scripts/subinstallers/iptables_docker.sh
@ -4,5 +4,17 @@ set -e
				@@ -4,5 +4,17 @@ set -e

 source ./scripts/subinstallers/vars.sh

+# start from scratch
+sudo iptables -X MISTBORN-DOCKER-USER 2>/dev/null || true
+
 sudo iptables -N DOCKER-USER || true
-sudo iptables -I DOCKER-USER -i $iface -j MISTBORN_INT_LOG_DROP
+sudo iptables -N MISTBORN-DOCKER-USER || true
+
+# default Mistborn Docker User chain
+sudo iptables -A MISTBORN-DOCKER-USER -i $iface -s 10.0.0.0/8 -j RETURN
+sudo iptables -A MISTBORN-DOCKER-USER -i $iface -s 172.16.0.0/12 -j RETURN
+sudo iptables -A MISTBORN-DOCKER-USER -i $iface -s 192.168.0.0/16 -j RETURN
+sudo iptables -A MISTBORN-DOCKER-USER -i $iface -j MISTBORN_INT_LOG_DROP
+
+# add chain to DOCKER-USER
+sudo iptables -I DOCKER-USER -j MISTBORN-DOCKER-USER