To fix the Docker and UFW security flaw without disabling iptables (by chaifeng)


Basic ufw-docker repo stats
about 1 month ago

chaifeng/ufw-docker is an open source project licensed under GNU General Public License v3.0 only which is an OSI approved license.

Ufw-docker Alternatives

Similar projects and alternatives to ufw-docker based on common topics and language

  • GitHub repo Moby

    Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

  • GitHub repo Dokku

    A docker-powered PaaS that helps you build and manage the lifecycle of applications

  • GitHub repo cloudflare-ufw

    Script to update UFW with Cloudflare IPs

  • GitHub repo polybox

    An itty-bitty PaaS that uses git push to deploy micro-services and websites on your own servers, like Okurrr!!!

  • GitHub repo pcompose

    An open source PaaS using docker-compose

  • GitHub repo harbormaster

  • GitHub repo ufw-docker-automated

    Manage docker containers firewall with UFW!

NOTE: The number of mentions on this list indicates mentions on common posts. Hence, a higher number means a better ufw-docker alternative or higher similarity.


Posts where ufw-docker has been mentioned. We have used some of these posts to build our list of alternatives and similar projects - the last one was on 2021-04-25.
  • Zero-downtime Heroku-style deployments with Git and Docker
    news.ycombinator.com | 2021-04-25
    There's no problem if you use only basic iptables rules but ufw use iptables in a very complicated way. If you want to ufw and docker plays well together, you have to disable docker's iptables manipulations or use ufw-docker as the author. More about that at ufw-docker documentation https://github.com/chaifeng/ufw-docker
  • Docker Security, Socket Proxy and Reverse Proxy
    I used this write up and changed " /etc/ufw/after.rules " and now UFW can manage docker networks.
  • Docker with UFW
    reddit.com/r/docker | 2021-03-30
  • How do I prevent Docker bypassing UFW on a Ubuntu box?
    reddit.com/r/docker | 2021-03-08
    Here is the fix https://github.com/chaifeng/ufw-docker
  • Securing docker and traefik 2.0
    Hi anubis, just for securing your server itself, there are some common issues with docker. I am a fan of ufw-docker for enhancing standard security on my docker servers. Check it out here : https://github.com/chaifeng/ufw-docker
  • Homelab 1.0 – thanks to all of you for the inspiration!
    reddit.com/r/homelab | 2021-02-07
    Yeah, containers give some segmentation. Using OPNsense or pfSense you could even hook 'em up to their own VLAN, so they aren't able to see the traffic of another container. If your 'threat' model includes some advanced adversaries, you might want to consider switching containers to full fledged VMs. But other than that, you should be on the safe side. Also, if you use ufw, this might be an interesting read.
  • Open port 443 only for specific ip's
    reddit.com/r/fritzbox | 2021-01-31
    I found a way to make UFW work with docker: https://github.com/chaifeng/ufw-docker