1

当我/sbin/ebtables --list在 Ubuntu Docker 容器中运行时,我收到以下消息:

root@500790dca629:/core-release-4.8# /sbin/ebtables --list 
modprobe: ERROR: ../libkmod/libkmod.c:557 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.43-boot2docker/modules.dep.bin'
The kernel doesn't support the ebtables 'filter' table.

如何在 Docker 中启用 ebtables?

4

2 回答 2

1

默认情况下,docker 不支持此功能。但是您可以在启动 docker 容器时传递以下参数以支持 Linux 功能:

--cap-add       Add Linux capabilities
--cap-drop      Drop Linux capabilities

对于 iptables、ebtables 等网络功能,您必须添加NET_ADMIN以下功能:

docker run -it --cap-add=NET_ADMIN ubuntu bash

如果ebtables未安装ebtables包,则使用命令将包安装到容器中:

 sudo apt-get update
 sudo apt-get install ebtables

然后列出 ebtables:

/sbin/ebtables --list 
Bridge table: filter

Bridge chain: INPUT, entries: 0, policy: ACCEPT

Bridge chain: FORWARD, entries: 0, policy: ACCEPT

Bridge chain: OUTPUT, entries: 0, policy: ACCEPT
于 2017-02-06T05:37:01.970 回答
0

添加安装对我有帮助

    cap_add:
        - 'ALL'
    volumes:
        - '/dev:/dev'
        - '/lib/modules:/lib/modules'

root@linuxbridge-agent:/# ls /lib/modules 5.4.0-26-generic 5.4.0-37-generic 5.4.0-39-generic 5.4.0-40-generic

于 2020-07-10T20:50:07.823 回答