DEVHIDE
Login Or Sign up

Can I obtain real user ip with "iptables": false enabled?

861 Views Asked by At

I user "iptables": false option in docker daemon config:

/etc/docker/daemon.json:
{
  "iptables": false
}

I run service with options --publish mode=host, --mode=global similar to this approach.

But when I get X-Real-IP header in my application its value is 172.18.0.1 but not real user ip.

When I start Docker daemon without "iptables": false in /etc/docker/daemon.json all works fine and I get real user ip.

But I need to set "iptables": false to preserve iptables changes with Docker.

Is it possible to get real user ip with "iptables": false in Docker daemon configuration?

docker iptables docker-swarm real-ip
Original Q&A
1

There are 1 best solutions below

0
On BEST ANSWER

See the rules that Docker creates without "iptables": true and replicate them with "iptables": false (which is the default).

These rules in particular are needed to masquerade the IP:

iptables -t nat -A POSTROUTING -m addrtype --src-type LOCAL -o docker0 -j MASQUERADE

iptables -t nat -s 172.18.0.0/16 ! -o docker0 -j MASQUERADE

Related Questions in DOCKER

Related Questions in IPTABLES

Related Questions in DOCKER-SWARM

Related Questions in REAL-IP

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.