Posted a quick writeup about an issue I had with ufw and Docker: https://www.colinmatthias.com/blog/ufw-docker-fixing-security-issue/
@colin This has been known for a while now, sad to see that there is not some sort of fix upstream.
@gudenau Yeah, I definitely found lots of references to it going back a while. Not really sure who is to blame; could see arguments for blaming either or both sides. UFW wants to provide a nice simple interface to iptables, and Docker wants networking to just work when you create a container. 🤷♂️
@colin There could be a common firewall interface created, kinda like on Windows. UFW could provide a standardized service and Docker could connect to it to configure UFW, whatever firewall you have or default to the current implementation.
Would be an overall net gain in my opinion.
This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!