February 11, 2024

Hi all,

I have my Unraid server on my secure network and running some docker images using a docker custom bridge network on br0. I also have a VM on my insecure network VLAN, using br0.11.

In my router I have a deny all rule from insecure to secure, however the insecure VM can access web servers on the docker containers running on the secure network. I did a tcpdump and found that traffic is flowing directly through a vnet0 interface rather than via my firewall.

I assume this is by design, but I'd prefer to have control over all inter-VLAN comms in one place via my firewall. For example, if my VM is compromised, I don't want an attacker to have access to services running on my secure network.

Is there a way to disable this? Is it as simple as turning off "enable bridging" in network settings? I don't want to try this as I am unsure if this messes up the bridging in docker.

Thanks for any assistance!

Bry