I’m a little unsure how to block external IPs from accessing the running Docker containers on my ShinyProxy host. ShinyProxy does expose the ports to 0.0.0.0 and I’m not really sure why/if that’s needed.
My naïve understanding from reading the Docker documentation on that topic is that adding a
iptables -I DOCKER-USER -i ext_if -j DROP
should do the trick. But I fear, I might break ShinyProxy in some subtle ways, I didn’t think about.
Most tutorials I found use UFW but that actually doesn’t play well with Docker, so I’d like to avoid using UFW.