Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docker firewall issues #128

Closed
adokter opened this issue Aug 8, 2018 · 2 comments
Closed

Docker firewall issues #128

adokter opened this issue Aug 8, 2018 · 2 comments
Labels
documentation
Milestone
0.4.0

Comments

@adokter
Copy link
Owner

adokter commented Aug 8, 2018
edited
Loading

Certain Windows installations experience problems with sharing drives to Docker. The information in this email from Auke Folkerts at University of Amsterdam needs to be incorporated in install instructions:

During our last weeks' meeting on Docker on Windows, I promised a followup with brief explanation of what went wrong and how to fix your computers at home too.

Essentially, the problem is caused by the way Docker handles Shared Folders on Windows. This is done with "Windows File & Printer sharing", via an internal network between windows and the docker containers. (You may know File and Printer sharing as "CIFS" or "Samba")

By default, the windows firewall blocks all network traffic to File and Printer sharing services. Essentially preventing regular Windows installations from accidentally sharing their files (historically, a lot of exploits and vulnerabilities on Windows were caused by this)

Even though Docker Shared Folders is done completely internally to the Windows computer, the firewall still blocks this. This is inconvenient, but the following commands (to be executed in a command prompt that is run with administrator privileges) fixes this.

(To get a command prompt as admnistatror, either log in as administrator and execute cmd, or as a regular user execute runas /user:administrator cmd )

netsh advfirewall firewall set rule name="File and Printer Sharing
(LLMNR-UDP-In)" new action=allow remoteip=10.0.0.0/8
netsh advfirewall firewall set rule name="File and Printer Sharing
(NB-Datagram-In)" new action=allow remoteip=10.0.0.0/8
netsh advfirewall firewall set rule name="File and Printer Sharing
(NB-Name-In)" new action=allow remoteip=10.0.0.0/8
netsh advfirewall firewall set rule name="File and Printer Sharing
(NB-Session-In)" new action=allow remoteip=10.0.0.0/8
netsh advfirewall firewall set rule name="File and Printer Sharing
(SMB-In)" new action=allow remoteip=10.0.0.0/8

These commands open up File and Printer sharing to the internal network (10.x.x.x) only. There should be no risk of doing this on your home computer.

For more details, see https://docs.docker.com/docker-for-windows/#shared-drives
@adokter adokter mentioned this issue Sep 27, 2018
Merged
@adokter
Copy link
Owner Author

adokter commented Sep 27, 2018

To do: add summary of this issue to README as a known install issue for Windows

@adokter adokter added this to the 0.4.0 milestone Sep 27, 2018
@peterdesmet
Copy link
Collaborator

Added in README in ec837fd, referring to this issue. Closing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation
Projects
None yet
Milestone
0.4.0
Development

No branches or pull requests
2 participants
@peterdesmet @adokter