ogbofjnr

Asked: 2020-09-26 21:28:41 +0800 CST2020-09-26 21:28:41 +0800 CST 2020-09-26 21:28:41 +0800 CST

How traffic flow to docker published port without iptables?

I wanted docker to respect ufw rules, so found this topic https://stackoverflow.com/questions/30383845/what-is-the-best-practice-of-docker-ufw-under-ubuntu

I did the following:

set "iptables": false for docker,

set sed -i -e 's/DEFAULT_FORWARD_POLICY="DROP"/DEFAULT_FORWARD_POLICY="ACCEPT"/g' /etc/default/ufw

set iptables -t nat -A POSTROUTING ! -o docker0 -s 172.17.0.0/16 -j MASQUERADE

And it works, but I don't understand how traffic gets to the container?

Before sudo iptables-save | grep 8123 gave me:

-A POSTROUTING -s 172.21.0.5/32 -d 172.21.0.5/32 -p tcp -m tcp --dport 8123 -j MASQUERADE
-A DOCKER ! -i br-cf80e85bf468 -p tcp -m tcp --dport 8123 -j DNAT --to-destination 172.21.0.5:8123
-A DOCKER -d 172.21.0.5/32 ! -i br-cf80e85bf468 -o br-cf80e85bf468 -p tcp -m tcp --dport 8123 -j ACCEPT

But after I disable iptable there is no rules, how traffic comes to the docker 8123 then? Here 8123 docker published port 0.0.0.0:8123->8123/tcp

How traffic flow to docker published port without iptables?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

How traffic flow to docker published port without iptables?

0 Answers