Summary
A new same_network_verdict
option was added to the container-to-container configuration, enabling you to specify whether traffic between containers within the same network should be allowed or not.
Additionally, the pre-built Docker image now supports additional architectures in addition to amd64
: arm64
and armv7
(specifically armhf
). This means you can now pull and use the Docker image on e.g. your Raspberry Pis!
You can upgrade from version 1.2.1 and 1.2.0 without further considerations, i.e. you don't have to change anything in your config. If you are upgrading from an earlier version, you can consult the release notes for version 1.2.0, the upgrade considerations described there apply to version 1.3.0 as well.
Changes
1.3.0 (2024-01-07)
-
Add
same_network_verdict
option to container-to-container configuration, enabling users to specify whether traffic between containers within the same network should be allowed or not. -
Replace library used to communicate with Docker (which also fixes #411).
This release replaces the previously used library shiplift by bollard.
This is not expected to have any impact on users of DFW. -
Build Docker images for multiple architectures:
amd64
,arm64
,arm/v7
.This is especially helpful for Raspberry Pi users, as they can now use the official Docker image instead of having to build the binary themselves.
You can pull the image from Docker Hub (
pitkley/dfw:1.3.0
) or the GitHub Container Registry (ghcr.io/pitkley/dfw:1.3.0
) for any of the mentioned architectures.
Internal changes: dependency updates, CI updates, bump minimum supported Rust version to 1.67.0 (from 1.46.0), bump to Rust edition 2021.
Installation
While you can use Cargo to install dfw
as a binary, using the Docker image is the preferred way to go, especially if you don't want to install Rust and Cargo on your host:
$ docker pull pitkley/dfw:1.3.0
$ docker run -d \
--name=dfw \
--restart=unless-stopped \
-v /var/run/docker.sock:/var/run/docker.sock:ro \
-v /path/to/your/config:/config \
--net host --cap-add=NET_ADMIN \
pitkley/dfw:1.3.0 --config-path /config
This will download a lightweight image, coming in at around 20 MB, and subsequently run it using your configuration.
The image supports multiple architectures: amd64
, arm64
, armv7
(specifically armhf
).