SecDocker
SecDocker
An application firewall for Docker
Description
SecDocker is a Go application that acts as a firewall for Docker. It's designed to receive all the traffic that goes to the Docker API / socket and drop the requests that contain unauthorized parameters. You can provide rules and specifications as well as general restrictions to be applied to every request, modifying the traffic as it goes to the Docker daemon.
How it works
The application is placed on the outside so all the Docker traffic is redirected to itself. Then, it performs all the checks as well as external validations with the plugins. If every option is allowed and the plugins reported a positive result, then SecDocker will apply some general restrictions and finally, send the request to the Docker daemon.
Code / External link
You can find the application on our Github repository: