2014-05-28 08:49:19 +00:00
|
|
|
#!/bin/bash
|
|
|
|
|
## docker-iptables
|
|
|
|
|
##
|
|
|
|
|
## @author gdm85
|
|
|
|
|
## script to show iptables rules with docker names
|
|
|
|
|
## can be used also to detect problems with dead containers and stale iptable rules
|
|
|
|
|
## supports standard iptables-save syntax
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
function replace_iptables() {
|
2015-01-14 09:48:05 +00:00
|
|
|
local CID
|
2014-05-28 08:49:19 +00:00
|
|
|
|
2014-06-07 10:24:44 +00:00
|
|
|
local SEDCMD="-e s!172.17.42.1/32!dockerHost!g
|
2015-01-14 09:48:05 +00:00
|
|
|
for CID in $(docker ps -q -a); do
|
|
|
|
|
local NAME=$(docker inspect --format '{{ .Name }}' $CID | awk '{ print substr($0, 2, length($0)-1) }')
|
|
|
|
|
local IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' $CID)
|
2014-05-28 08:49:19 +00:00
|
|
|
|
2015-01-14 09:48:05 +00:00
|
|
|
if [ -z "$IP" ]; then
|
|
|
|
|
continue
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
SEDCMD="$SEDCMD -e s!$IP/32!${NAME}!g -e s!$IP!${NAME}!g"
|
|
|
|
|
done
|
|
|
|
|
|
|
|
|
|
sed $SEDCMD
|
2014-05-28 08:49:19 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
iptables-save $@ | replace_iptables
|
