Hi, I have some issues with the VPL configuration file.
Environment
Ubuntu
FROM ubuntu:16.04
Docker
VPL
vpl version 2.2.2
Description
In /etc/vpl/vpl-jail-system.conf, in the firewall section, the commented lines say:
FIREWALL=0|1|2|3|4
0: No firewall
1: VPL service+DNS+internet access
2: VPL service+DNS+Limit internet to port 80 (super user unlimited)
3: VPL service+No external access (super user unlimited)
4: VPL service+No external access
Note: In level 4 stop vpl-jail-system service to update/upgrade the system
default level 0
By default, the configuration is:
JAILPATH=/jail
MIN_PRISONER_UGID=10000
MAX_PRISONER_UGID=20000
MAXTIME=600
URLPATH=/
FIREWALL=2
LOGLEVEL=0
However, using this configuration I can't get an external response, for example: curl -I http://www.google.com, and if I try to execute curl -I http://172.17.0.2/OK, where 172.17.0.2 is my container IP, I can't get a response from the service.
Then I changed the firewall to level 0 instead, restarted the service, and I can get a response from the service.
Do you have any idea about this behavior? I think it isn't normal. I verified the following repos:
https://github.com/hthuwal/vpl_docker and https://gitlab.com/ifrscanoas/vpl-jail-docker. I ran those images, tested the endpoints (it works), verified the configuration file in each image, and verified that the firewall level is 2.
What could be my problem?
My Dockerfile is:
FROM ubuntu:16.04
WORKDIR /home/app/
COPY ./app ./
RUN apt-get update && apt-get -y install sudo apt-utils
CMD ["tail","-f","/dev/null"]