remove firewall option for port redirection

EphemeralDev 2025-01-27 14:42:52 -05:00 committed by rbm
parent d9dc7975dc
commit 9001d006e4


@ -70,7 +70,7 @@ systemctl enable --now podman
## Allow rootless binding port 80+ ## Allow rootless binding port 80+
### Option 1: Modify range of unprivileged ports ### Modify range of unprivileged ports
> [!NOTE] > [!NOTE]
> This is only necessary if you are setting up the reverse proxy (or any service > This is only necessary if you are setting up the reverse proxy (or any service
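Review bot: Renaming the heading from "### Option 1: Modify range of unprivileged ports" to "### Modify range of unprivileged ports" changes its generated anchor, so any link elsewhere in the docs that targets the old "Option 1" anchor will break; please search for references to it and update them in this commit. With only one method left, "## Allow rootless binding port 80+" now has a single "###" child, so consider dropping the subheading and placing the note and commands directly under the "##" heading.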
@ -81,16 +81,6 @@ printf '%s\n' 'net.ipv4.ip_unprivileged_port_start=80' | sudo tee /etc/sysctl.d/
sysctl -w 'net.ipv4.ip_unprivileged_port_start=80' sysctl -w 'net.ipv4.ip_unprivileged_port_start=80'
``` ```
### Option 2: Redirect using firewalls
See
[jdboyd blog post for PARTIAL examples using UFW, iptables, and nftables](https://blog.jdboyd.net/2024/05/exposing-privileged-ports-with-podman/)
> [!WARNING]
> IF UTILIZING THIS METHOD
>
> CREATE RULES TO ALLOW SSH BEFORE ENABLING THE FIREWALL
## Prepare container user ## Prepare container user
This user will be the owner of all containers with no login shell or root This user will be the owner of all containers with no login shell or root
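Review bot: Removing "### Option 2: Redirect using firewalls" leaves `net.ipv4.ip_unprivileged_port_start=80` as the only documented method, and the remaining section does not say that this setting applies to every unprivileged user on the host, not only the container user. Please add a sentence to the kept section stating that trade-off, and put the reason for dropping the firewall option in the commit message, which currently says only what was removed. Separately, the context line `sysctl -w 'net.ipv4.ip_unprivileged_port_start=80'` has no `sudo` while the line above it pipes into `sudo tee`; if the guide is followed as a normal user, that command will fail, so the two lines should be made consistent.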