this post was submitted on 29 Aug 2025
547 points (99.1% liked)

Programmer Humor

26123 readers
591 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
anzo@programming.dev
Feyter@programming.dev
BurningTurtle@programming.dev
pylapp@programming.dev
547
Context: Docker bypasses all UFW firewall rules (lemmy.world)
submitted 5 days ago* (last edited 5 days ago) by qaz@lemmy.world to c/programmer_humor@programming.dev
106 comments fedilink hide all child comments
 

Docker docs:

Docker routes container traffic in the nat table, which means that packets are diverted before it reaches the INPUT and OUTPUT chains that ufw uses. Packets are routed before the firewall rules can be applied, effectively ignoring your firewall configuration.

you are viewing a single comment's thread
view the rest of the comments
[–] ohshit604@sh.itjust.works 1 points 3 days ago* (last edited 3 days ago)

It’s been about a day since this issue and now I’ve been keeping a close eye on my local-lvm, it fills fast, like, ridiculously fast and I’ve been having to run sudo fstrim / inside the VM just to keep it maintained. I’m finding it weird I’m now just noticing this as this server has been running for months!

For now I edited my /etc/bash.bashrc so whenever I ssh in it’ll automatically run sudo fstrim /, there is something I’m likely missing but this works as a temporary solution.