Best way to limit proxy traffic by port

[engineeringsys]

This is a great project and easy to deploy. I'm curious as to the best way to limit outbound ports in using this proxy project? I believe I can do it on the eth0 interface IPTables firewall but was wondering if it's possible within the container itself

[serjs]

Hi!

I haven't answer about best practices method for your request, but in thinking of app functionality I can say that there are no plans for realizing traffic shaping.

What I know and think about, when trying to solve same problem (from the perspective of OPS-way)

1. In case of orchestration systems you can use CNI plugins
2. In case of the plain Docker engine, you can use TC side-container, I found https://github.com/lukaszlach/docker-tc, but fortunately I haven't worked example for you. On my main workstation, there are some errors using tc side container. Here is my example

   $ docker run -d \    --name docker-tc \                                       
   --network host \
   --cap-add NET_ADMIN \
   --restart always \
   -v /var/run/docker.sock:/var/run/docker.sock \
   -v /var/docker-tc:/var/docker-tc \
   lukaszlach/docker-tc

   then

   
   $ docker network create mynet

$ docker run \ -d -p 1080:1080 --net mynet \ -e PROXY_USER= \ -e PROXY_PASSWORD= \ --label "com.docker-tc.enabled=1" \ --label "com.docker-tc.limit=64kbps" \ serjs/go-socks5-proxy

[engineeringsys]

Thanks for your response. I'll close this but will let you know if I discover anything.