Podman (Docker replacement) and CSF (Firewall)

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.
S

stevet224

New Member
Dec 3, 2020
3
3
3
Hello,

Centos and Redhat have now moved away from Docker to Podman but i am unable to get CSF to work with podman. Docker used interface docker0 but podman handles the network differently.

Any suggestions would be welcome.

I have tested the below config but with no luck.
Qy3hIzO.png

Code: 
# podman network inspect podman
[
  {
    "cniVersion": "0.4.0",
    "name": "podman",
    "plugins": [
      {
        "bridge": "cni-podman0",
        "hairpinMode": true,
        "ipMasq": true,
        "ipam": {
          "ranges": [
            [
              {
                "gateway": "10.88.0.1",
                "subnet": "10.88.0.0/16"
              }
            ]
          ],
          "routes": [
            {
              "dst": "0.0.0.0/0"
            }
          ],
          "type": "host-local"
        },
        "isGateway": true,
        "type": "bridge"
      },
      {
        "capabilities": {
          "portMappings": true
        },
        "type": "portmap"
      },
      {
        "type": "firewall"
      },
      {
        "type": "tuning"
      }
    ]
  }
]
 
  • Like
Reactions: Patrick
S

stevet224

New Member
Dec 3, 2020
3
3
3
I have been able to get it partly working using the below command but csf restart destroys the iptables podman creates.

sudo iptables -I CNI-FORWARD -p tcp ! -i cni-podman0 -o cni-podman0 --jump LOCALINPUT
 
  • Like
Reactions: Patrick
You must log in or register to reply here.
Top Bottom