ati Posted April 9, 2023 Share Posted April 9, 2023 I recently went the route of adding several VLANs to segment my docker containers into DMZ areas. In the process I noticed that you have to have an IP address set in the network settings for the network (VLAN) to be available to Docker. I guess that makes sense, as that is how they learn a default gateway. However, that poses a security risk in my mind. If one of those containers gets compromised, it can access the unRAID server which now has an IP on that network. Is there anyway I can disable the GUI and SSH access from a specific interface? Because it is on the same network segment, a router firewall rule is useless. 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.