* nftables + docker
@ 2022-03-02 5:57 Matthew Ellquist
2022-03-02 18:44 ` Jarno Pelkonen
0 siblings, 1 reply; 2+ messages in thread
From: Matthew Ellquist @ 2022-03-02 5:57 UTC (permalink / raw)
To: NFTables Mailing List
Greetings,
I'm very new to nftables and thought I'd throw this question out there
while I researched it.
Is there a way to not have to restart the docker.server to rebuild the
nftables rules, after restarting the nftables service?
Thanks,
Matt
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: nftables + docker
2022-03-02 5:57 nftables + docker Matthew Ellquist
@ 2022-03-02 18:44 ` Jarno Pelkonen
0 siblings, 0 replies; 2+ messages in thread
From: Jarno Pelkonen @ 2022-03-02 18:44 UTC (permalink / raw)
To: Matthew Ellquist; +Cc: NFTables Mailing List
Hi,
Restarting nftables.service completely flushes the nftables so
docker’s rules go with it. See the nftables.service unit contents.
If you are using systemd you can use “PartOf” directive to have
systemd take care of restarting services.
Alternative option is to customize nftables.service to not to
completely flush the tables, but remove everything else but docker
rules and its entry point.
Cheers,
Jarno
On Wed, Mar 2, 2022 at 12:45 PM Matthew Ellquist <mellqui@d.umn.edu> wrote:
>
> Greetings,
>
> I'm very new to nftables and thought I'd throw this question out there
> while I researched it.
>
> Is there a way to not have to restart the docker.server to rebuild the
> nftables rules, after restarting the nftables service?
>
> Thanks,
> Matt
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-03-02 18:44 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-02 5:57 nftables + docker Matthew Ellquist
2022-03-02 18:44 ` Jarno Pelkonen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.