Hello guys,
I am in the process of switching from OMV to Unraid for my Home Server.
One essential feature for me is a firewall that allows me to block traffic from certain IP ranges or, better, only allow traffic from certain IP ranges.
To be specific:
I want my Unraid server, including all Docker installs except for one, to only be reachable via a secured WireGuard connection, even in my LAN.
Since I am not the only one using my LAN, I cannot have full trust in the security of my LAN and therefore have to block every connection to my Unraid servers except for ones coming from my WireGuard network and the nginx proxy manager, which has its own IP.
With OMV this was really simple to do: just enable UFW, allow only my WireGuard subnet and connections to my WireGuard, 80 and 443 ports.
But with OMV I wasn't using Docker, which has got another problem to it, since every Docker instance has and needs its own IP address via the br0 interface. Is there a way to also restrict access to these Docker instances?
I hope you are able to understand my problem and maybe even help me a bit. Thanks!