Restrict Docker containers to Zerotier

So, I’d like for my docker containers to be able to have outgoing traffic only via Zerotier. So far, what I’ve figured out is that there is a separate iptables chain for Docker, but attempts at making this work have failed.

For the heck of it, I am looking into podman as well; maybe it respects iptables more than docker does.


Seems that the dirty way to do this is --net=host when you fire up your container.

Feeling nice and contained now, but not fully satisfied.

I’d like my containers to only be capable of talking to zerotier and of course this won’t get me there.

I checked the “solution” box. But this is not yet a good enough solution.
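
One way to approach the restriction asked about in this thread, as an added example that is not part of the original posts: Docker evaluates the `DOCKER-USER` chain before its own forwarding rules, so an egress filter can be placed there. The bridge name `docker0` and the interface pattern `zt+` (ZeroTier interfaces on Linux are named `zt…`) are assumptions, and the script only prints the rules for review instead of applying them.

```shell
#!/bin/sh
# Added example: generate DOCKER-USER rules so that traffic forwarded from a
# Docker bridge may only leave through a ZeroTier interface.
# Assumptions: default bridge "docker0", ZeroTier interfaces matching "zt+".
# Nothing is applied here; review the output, then run it as root.
#
# Limits of this filter:
#  - It only sees forwarded (bridged) traffic. A container started with
#    --net=host uses the host's network stack and never hits DOCKER-USER.
#  - User-defined networks use their own bridges (br-<id>), so generate one
#    pair of rules per bridge.
#  - iptables only filters; the host routing table still decides which
#    destinations are reachable through the ZeroTier interface.

# Accept only names that are safe to paste into an iptables command line.
valid_iface() {
    case "$1" in
        ''|*[!A-Za-z0-9_.+-]*) return 1 ;;   # empty or unexpected characters
        *) [ "${#1}" -le 15 ] ;;             # Linux interface name limit
    esac
}

# zt_only_rules BRIDGE ZT_PATTERN
# Prints two iptables commands, in the order they must be run.
zt_only_rules() {
    bridge=$1
    zt=$2
    valid_iface "$bridge" && valid_iface "$zt" || {
        echo "invalid interface name" >&2
        return 2
    }
    # Position 1: container-to-container traffic on the same bridge goes back
    # to Docker's own rules (RETURN), so it is not caught by the DROP below.
    printf 'iptables -I DOCKER-USER 1 -i %s -o %s -j RETURN\n' "$bridge" "$bridge"
    # Position 2: anything else leaving the bridge through an interface that
    # does not match the ZeroTier pattern is dropped.
    printf 'iptables -I DOCKER-USER 2 -i %s ! -o %s -j DROP\n' "$bridge" "$zt"
}

zt_only_rules docker0 'zt+'
```

After applying the printed rules, `iptables -S DOCKER-USER` shows whether they sit above any existing entries in the chain.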
