Air-gapped containers

Beta feature

This feature is in Beta. It's available with Docker Desktop version 4.29 and later.

Air-gapped containers allows administrators to restrict containers from accessing network resources, limiting where data can be uploaded to or downloaded from.

Docker Desktop can apply a custom set of proxy rules to network traffic from containers. The proxy can be configured to:

  • Allow network connections
  • Reject network connections
  • Tunnel through an HTTP or SOCKS proxy

You can choose:

  • Which outgoing TCP ports the policy applies to. For example, only certain ports, 80, 443 or all with *.
  • Whether to forward to a single HTTP or SOCKS proxy, or to have a policy per destination via a Proxy Auto-Configuration (PAC) file.


Assuming enforced sign-in and Settings Management are enabled, add the new proxy configuration to the admin-settings.json file. For example:

  "configurationFileVersion": 2,
  "containersProxy": {
    "locked": true,
    "mode": "manual",
    "http": "",
    "https": "",
    "exclude": "",
    "pac": "",
    "transparentPorts": "*"

The containersProxy setting describes the policy which is applied to traffic from containers. The valid fields are:

  • locked: If true, it is not possible for developers to override these settings. If false the settings are interpreted as default values which the developer can change.
  • mode: Same meaning as with the existing proxy setting. Possible values are system and manual.
  • http, https, exclude: Same meaning as with the proxy setting. Only takes effect if mode is set to manual.
  • pac : URL for a PAC file. Only takes effect if mode is manual, and is considered higher priority than http, https, exclude.
  • transparentPorts: A comma-separated list of ports (e.g. "80,443,8080") or a wildcard (*) indicating which ports should be proxied.


Any existing proxy setting in the admin-settings.json file continues to apply to traffic from the app on the host.

Example PAC file

For general information about PAC files, see the MDN Web Docs.

The following is an example PAC file:

function FindProxyForURL(url, host) {
	if (localHostOrDomainIs(host, 'internal.corp')) {
		return "PROXY";
	if (isInNet(host, "", "")) {
	    return "DIRECT";
    return "PROXY reject.docker.internal:1234";

The url parameter is either http://host_or_ip:port or https://host_or_ip:port.

The hostname is normally available for outgoing requests on port 80 and 443, but for other cases there is only an IP address.

The FindProxyForURL can return the following values:

  • PROXY host_or_ip:port: Tunnels this request through the HTTP proxy host_or_ip:port
  • SOCKS5 host_or_ip:port: Tunnels this request through the SOCKS proxy host_or_ip:port
  • DIRECT: Allows this request to go direct, without a proxy
  • PROXY reject.docker.internal:any_port: Rejects this request

In this particular example, HTTP and HTTPS requests for internal.corp are sent via the HTTP proxy Requests to connect to IPs on the subnet connect directly. All other requests are blocked.

To restrict traffic connecting to ports on the developers local machine, match the special hostname host.docker.internal.