...
UFW is a great simple firewall, but at this point I do not recommend installing on your host. First, port forwarding using UFW is overly complex and seems like a hack versus it being very simple with IP Tables.
...
In this example we setup Apache which runs on port 80 in the container which has been assigned the static IP 10.0.3.10,
| Code Block | ||
|---|---|---|
| ||
# Immediately enable port forwarding rule, but this is not persistent on reboot. sudo iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 80 -j DNAT --to-destination 10.0.3.10:80 # saveTo yourmake changespersistent. (at this point I think it starts working, does not persists after reboot) sudo iptables-save # save changes to filessudo apt-get install iptables-persistent # Tool replaces lots of manual work documented here, https://help.ubuntu.com/community/IptablesHowTo#Saving_iptables # this just looks like so much work must be better way # ok looks better to save changes using this tool (still to try) sudo apt-get install iptables-persistent sudo IptablesHowTo sudo /etc/init.d/iptables-persistent save sudo /etc/init.d/iptables-persistent reload |
...