DFW (GitHub) is conceptually based on the Docker Firewall Framework, DFWFW. Its goal is to make firewall administration with Docker simpler, but also more extensive by trying to replace the Docker built-in firewall handling.

This is accomplished by a flexible configuration that defines how the firewall should be built up. For example, if you have some application running in the Docker container example_app_1 which is reachable on port 80 that you want to expose on the host on port 80, the following configuration could be used:

[wider_world_to_container]
[[wider_world_to_container.rules]]
network = "example_default"
dst_container = "example_app_1"
expose_port = 80

You can find more example configurations in the GitHub repository, and more details about DFW in general can be found in the project's README on GitHub.