Restrict docker container access to the host LAN but not to internet

Asked Aug 21 '17 at 13:35

Active Aug 21 '17 at 13:35

Viewed 1,703 times

I've been wondering on how the following scenario could be accomplished only using docker networks (no iptables or anything that has to be done on the host).

I want to run a docker container with access only to the host's LAN, but no access to the internet at all.

The --internal will restrict access of the container outside the docker network, so won't fit this situation. And docker's host network will only give the container access to the host, but not to the host's LAN.

Any idea on how can this be accomplished without using host-based solutions (like using iptables on the host)?

Thanks !

asked Aug 21 '17 at 13:35

BBerastegui

have you considered putting your container inside another container? the parent container could provide a re-usable way to setup network restrictions. – Birchlabs Aug 21 '17 at 13:45
Actually, this looks relevant: [Restrict Internet Access - Docker Container](https://stackoverflow.com/a/42336592/5257399) – Birchlabs Aug 21 '17 at 13:47

Restrict docker container access to the host LAN but not to internet

0 Answers0