如何在Docker中使用ebtables?
当我在Ubuntu Docker容器中运行/sbin/ebtables --list时,我收到消息:
root@500790dca629:/core-release-4.8# /sbin/ebtables --list modprobe: ERROR: ../libkmod/libkmod.c:557 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.43-boot2docker/modules.dep.bin' The kernel doesn't support the ebtables 'filter' table.
如何在Docker中启用ebtables?
默认情况下,docker不支持这个function。 但是启动Docker容器时可以通过以下参数来支持Linuxfunction:
--cap-add Add Linux capabilities --cap-drop Drop Linux capabilities
对于像iptables,ebtables等networkingfunction,您必须添加NET_ADMINfunction,如:
docker run -it --cap-add=NET_ADMIN ubuntu bash
如果没有安装ebtables包,则使用以下命令在容器中安装ebtables包:
sudo apt-get update sudo apt-get install ebtables
然后列出ebtables:
/sbin/ebtables --list Bridge table: filter Bridge chain: INPUT, entries: 0, policy: ACCEPT Bridge chain: FORWARD, entries: 0, policy: ACCEPT Bridge chain: OUTPUT, entries: 0, policy: ACCEPT