Restrict containers to local LAN only, no internet.
install -d -m 0755 "${HOME}/.local/bin"
install -m 0755 scripts/restrict-containers-rootless.sh \
  "${HOME}/.local/bin/restrict-containers-rootless.sh"
Edit the override.conf:
systemctl --user edit docker.service
Insert this:
[Service]
ExecStartPost=/home/me/.local/bin/restrict-containers-rootless.sh
Replace /home/me with your home directory.
Save the file.
Reload the systemd manager configuration:
systemctl --user daemon-reload
Restart Docker (Rootless):
systemctl --user restart docker.service
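The same steps without the interactive editor, as an added example that is not part of the original page: it checks the installed script's permissions before wiring it into ExecStartPost, then writes the drop-in with your real home directory instead of /home/me. The function names are hypothetical, and the drop-in directory (~/.config/systemd/user/docker.service.d) is assumed to be where systemctl --user edit stores override.conf.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.
SCRIPT_NAME="restrict-containers-rootless.sh"

# Drop-in body for a given home directory (same two lines as the override.conf above).
render_dropin() {
    printf '[Service]\nExecStartPost=%s/.local/bin/%s\n' "$1" "$SCRIPT_NAME"
}

# The hook runs on every Docker start, so reject a script that is missing,
# not executable, or writable by group/others.
check_script() {
    [ -f "$1" ] && [ -x "$1" ] || return 1
    [ -z "$(find -L "$1" \( -perm -020 -o -perm -002 \) -print)" ]
}

# write_dropin HOME_DIR UNIT_DIR: create UNIT_DIR/docker.service.d/override.conf
write_dropin() {
    hook="$1/.local/bin/$SCRIPT_NAME"
    if ! check_script "$hook"; then
        echo "refusing: $hook is missing, not executable, or group/world-writable" >&2
        return 1
    fi
    mkdir -p "$2/docker.service.d" &&
        render_dropin "$1" > "$2/docker.service.d/override.conf"
}

# Assumption: systemctl --user edit stores the drop-in under this directory.
apply() {
    write_dropin "$HOME" "${XDG_CONFIG_HOME:-$HOME/.config}/systemd/user" &&
        systemctl --user daemon-reload &&
        systemctl --user restart docker.service &&
        systemctl --user show docker.service -p ExecStartPost
}

# Only touch the system when called with "apply".
if [ "${1:-}" = "apply" ]; then
    apply
fi
```

Run it as `sh thisfile.sh apply`; the final systemctl --user show line prints the ExecStartPost entry so you can confirm the hook is registered.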