Only allow access to a specific port and only see access one device?

Kega · June 17, 2024, 2:39pm

Hi,

I’m very new to Zerotier and I’m hoping the following is possible.
I have tried to read through their guide for rules, but I’m still pretty lost.

To the point, I have a server which are running multiple dockers. The server is a Asustor, running Zerotier 1.10.2.
From the server I only want one docker to be accessible. Meaning, if you connect to the server it should always forward you to the port of that docker or as a minimum only allow access to that port.

And all devices should only be able to see and access this docker. They shouldn’t be able to see other devices on the Zerotier network or communicate with them.

Is that possible?

dajhorn · June 17, 2024, 5:14pm

Instead of using ZeroTier rules, try setting these three firewall rules on the docker host (approximately):

deny from all
allow from all LAN address
allow from all to just-that-one-port on just-that-one-docker instance

Whether you are using docker host networking will affect the kind of rules you need.

system · July 17, 2024, 5:15pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.