diff --git a/src/dockerproxy.js b/src/dockerproxy.js
index 9b4d50557..0f62c10e7 100644
--- a/src/dockerproxy.js
+++ b/src/dockerproxy.js
@@ -13,27 +13,25 @@ var assert = require('assert'),
     net = require('net');
 
 var gServer = null;
+var gJSONParser = bodyParser.json();
 
 function start(callback) {
     assert.strictEqual(typeof callback, 'function');
 
-    var parser = bodyParser.json();
 
-    function interceptor(req, res) {
-        console.log(`request: ${req.method} ${req.url}`, req.body);
+    function authorized(req, res) {
+        // TODO add here some authorization
+        // - block apps not using the docker addon
+        // - block calls regarding platform containers
+        // - only allow managing and inspection of containers belonging to the app
 
-        if (req.method === 'POST' && req.url.match(/\/containers\/create/)) {
-            debug('patching container creation');
-        }
-
-        return false;
+        return true;
     }
 
     debug(`startDockerProxy: starting proxy on port ${config.get('dockerProxyPort')}`);
 
-
     gServer = http.createServer(function (req, res) {
-        if (interceptor(req, res)) return;
+        if (!authorized(req, res)) return;
 
         var options = {
             socketPath: '/var/run/docker.sock',
@@ -54,7 +52,17 @@ function start(callback) {
 
         req.on('error', function (error) { console.error('req error:', error); });
 
-        if (!req.readable) {
+        if (req.method === 'POST' && req.url.match(/\/containers\/create/)) {
+            gJSONParser(req, res, function () {
+                // overwrite the network the container lives in
+                req.body.HostConfig.NetworkMode = 'cloudron';
+
+                var plainBody = JSON.stringify(req.body);
+
+                dockerRequest.setHeader('Content-Length', Buffer.byteLength(plainBody));
+                dockerRequest.end(plainBody);
+            });
+        } else if (!req.readable) {
             dockerRequest.end();
         } else {
             req.pipe(dockerRequest, { end: true });
diff --git a/src/test/dockerproxy-test.js b/src/test/dockerproxy-test.js
index f8d1f8933..da91f1b87 100644
--- a/src/test/dockerproxy-test.js
+++ b/src/test/dockerproxy-test.js
@@ -30,9 +30,17 @@ describe('Cloudron', function () {
 
     it('can create container', function (done) {
         var cmd = DOCKER + ` run ubuntu "/bin/bash" "-c" "echo 'hello'"`;
-        console.log(cmd)
         exec(cmd, function (error, stdout, stderr) {
-            console.log(error, stdout, stderr)
+            expect(error).to.be(null);
+            expect(stdout).to.contain('hello');
+            expect(stderr).to.be.empty();
+            done();
+        });
+    });
+
+    it('proxy overwrites the container network option', function (done) {
+        var cmd = DOCKER + ` run --network ifnotrewritethiswouldfail ubuntu "/bin/bash" "-c" "echo 'hello'"`;
+        exec(cmd, function (error, stdout, stderr) {
             expect(error).to.be(null);
             expect(stdout).to.contain('hello');
             expect(stderr).to.be.empty();