We install Solus in our host machines and run several containers. I've noted that after installation, solus modify iptables adding to Forward chain Solus_in and Solus_out. In those chains he is adding ip on our vps in this way
Chain SOLUSVM_TRAFFIC_IN
all -- 0.0.0.0/0 x.x.x.x (IP added to container)
all -- 0.0.0.0/0 x.x.x.x (IP added to container)
I try to add my own rule in this chain but Solus override them after, so I add them in site our containers and everything is working properly. And know is my question, what if I want to specify rule to all containers, how to do this?
I tried to change INPUT chain in host server but traffic is passing some how still to Solus. I tried also change Forward chain and specify rule for forward to Solus for example
Chain FORWARD
SOLUSVM_TRAFFIC_IN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
SOLUSVM_TRAFFIC_OUT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:22
DROP tcp -- 0.0.0.0/0 0.0.0.0/0
And here is /etc/networks
default 0.0.0.0
loopback 127.0.0.0
link-local x.x.0.0
But it close traffic by container be ssh. So how this is working?
- How traffic is passing eth0 even when there is a rule to block some ports.
- Why I cannot my modiffication in FORWARD chain for Solus are not working?
- How Solus is overwriting the SOLUSVM_TRAFFIC_IN chain?
- And how to secure this Solus?
Thanks for all help, to understand this strange behavior
