Removed --net=host as default for the docker container

jedisct1 / dnscrypt-server-docker

A Docker image for a non-censoring, non-logging, DNSSEC-capable, DNSCrypt-enabled DNS resolver

https://dnscrypt.info

ISC License

141 stars 22 forks source link

Removed --net=host as default for the docker container #46

Closed MeganerdNL closed 4 years ago

MeganerdNL commented 4 years ago

Removed --net=host as default for the docker container It does forward port 443 tcp/udp to the host, but it also had "--net=host" when starting. That defeats the purpose of the port forward. Removing "--net=host" as it is also in line with the rest of the documentation.

mibere commented 4 years ago

It's already in the official image, see here.

jedisct1 commented 4 years ago

My original fear with using NAT instead of --net=host is that the kernel has to keep a lot of states.

But looks like a few of you have been running this configuration without issues, so apparently all fine :)

jedisct1 commented 4 years ago

@mibere This change is for the centos install script :)