To fix the Docker and UFW security flaw without disabling iptables
Release version 210925
of the ufw-docker-agent
image
See README.md
A DOCKER-USER -j ufw-user-forward
as the first rule of DOCKER-USER
, then we can use ufw
to manage connections from containers../tests
folder.vagrant up
in the project folder.Test passed with Docker Swarm: