Docker and iptables persistence

We have added documentation that is easier to maintain, covering firewall and cluster management, which might help with your firewall configuration; please check it here. While the configuration below is still valid, it has flaws that might require your attention.

In this article we provide instructions for getting our pre-configured firewall script, which sets up Docker to run with Entermedia Server.

Please note that if you have other Docker services exposing ports, they will override the INPUT firewall rules.

First, enter the appropriate folder (of your choice) and run the following command to download the script from our servers.

wget -O /root/firewall.sh https://raw.githubusercontent.com/entermedia-community/entermediadb-docker/master/scripts/firewall.sh && chmod +x /root/firewall.sh

Second, create a systemd service for the firewall script:

sudo vi /etc/systemd/system/org.entermediadb-firewall.service
[Unit]
Description=dam.entermediadb.org Firewall Config
After=docker.service
After=nginx.service
After=firewalld.service

[Service]
Type=oneshot
ExecStart=/root/firewall.sh

[Install]
WantedBy=multi-user.target

Third, enable the service so that it starts during your machine's boot sequence (the --now flag also starts it immediately).

systemctl enable --now org.entermediadb-firewall.service
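
To check the note above about Docker-exposed ports overriding INPUT rules: Docker publishes a port by adding a DNAT rule to the DOCKER chain of the nat table, so that traffic is forwarded to the container and is never evaluated against INPUT. The following is an added example, not part of the Entermedia script; the function names and the sample ruleset are constructed for illustration, and it assumes Docker's default iptables handling.

```shell
# Constructed sample of `iptables-save` output (not captured from a real host).
sample_ruleset() {
cat <<'EOF'
*nat
:DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A DOCKER -i docker0 -j RETURN
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 172.17.0.2:8080
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 3306 -j DNAT --to-destination 172.17.0.3:3306
COMMIT
*filter
:INPUT DROP [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
COMMIT
EOF
}

# Reads iptables-save output on stdin. Prints one line per port that Docker
# publishes via DNAT, tagged with whether INPUT also has an ACCEPT rule for it.
# "not-in-INPUT" ports are published even though INPUT never allowed them.
audit_published_ports() {
    awk '
    /^\*/      { table = substr($0, 2); next }   # "*nat" / "*filter" header
    $1 != "-A" { next }                          # skip chain policies and COMMIT
    {
        proto = port = dest = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            else if ($i == "--dport") port = $(i + 1)
            else if ($i == "--to-destination") dest = $(i + 1)
        }
        key = proto "/" port
    }
    table == "nat" && $2 == "DOCKER" && dest != "" { published[key] = dest; order[++n] = key }
    table == "filter" && $2 == "INPUT" && /-j ACCEPT/ && port != "" { allowed[key] = 1 }
    END {
        for (j = 1; j <= n; j++)
            print order[j], "->", published[order[j]], ((order[j] in allowed) ? "also-in-INPUT" : "not-in-INPUT")
    }'
}

# On a real host, run as root: iptables-save | audit_published_ports
sample_ruleset | audit_published_ports
```
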

 

 

*** Tested on CentOS/RHEL 7.6 && iptables v1.4.21 ***