Docker TIL: Docker's iptables chains win over ufw 😅If you're relying on ufw or anything similar to route traffic differently than Docker you're going to lose that race every time.

Instead apply your rules to DOCKER-USER directly:

· · Web · 1 · 0 · 1

I learned this because one of our QA servers was hit by a ransomware attack (not a huge issue, it's QA after all). We thought we were protected via ufw/firewall, but we were wrong. Here's a video breakdown:

Show thread
Sign in to participate in the conversation
Basement computer Mastodon

This is my private Mastodon instance hosted on a basement computer. If you want an invite just reach out.