nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

docs(security): clarify iptables-nft backend mapping

This commit is contained in:
Doruk Ardahan 2026-02-26 18:45:42 +03:00 committed by George Pickett
parent fefcea3ea2
commit 06c34d8de4
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/gateway/security/index.md
View File

@ -638,6 +638,8 @@ chains, not only host `INPUT` rules.
To keep Docker traffic aligned with your firewall policy, enforce rules in
`DOCKER-USER` (this chain is evaluated before Docker's own accept rules).
On many modern distros, `iptables`/`ip6tables` use the `iptables-nft` frontend
and still apply these rules to the nftables backend.
Minimal allowlist example (IPv4):