Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- iptables -L -n -t nat
- Chain PREROUTING (policy ACCEPT)
- target prot opt source destination
- DOCKER-INGRESS all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
- DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
- Chain INPUT (policy ACCEPT)
- target prot opt source destination
- Chain OUTPUT (policy ACCEPT)
- target prot opt source destination
- DOCKER-INGRESS all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
- DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
- Chain POSTROUTING (policy ACCEPT)
- target prot opt source destination
- MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match src-type LOCAL
- MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
- MASQUERADE all -- 172.18.0.0/16 0.0.0.0/0
- Chain DOCKER (2 references)
- target prot opt source destination
- RETURN all -- 0.0.0.0/0 0.0.0.0/0
- RETURN all -- 0.0.0.0/0 0.0.0.0/0
- Chain DOCKER-INGRESS (2 references)
- target prot opt source destination
- DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:30000 to:172.18.0.2:30000
- DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5001 to:172.18.0.2:5001
- DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080 to:172.18.0.2:8080
- DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5000 to:172.18.0.2:5000
- netstat -ntlp
- Active Internet connections (only servers)
- Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
- tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 925/sshd
- tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1059/master
- tcp6 0 0 :::5000 :::* LISTEN 909/dockerd
- tcp6 0 0 :::5001 :::* LISTEN 909/dockerd
- tcp6 0 0 :::2377 :::* LISTEN 909/dockerd
- tcp6 0 0 :::7946 :::* LISTEN 909/dockerd
- tcp6 0 0 :::30000 :::* LISTEN 909/dockerd
- tcp6 0 0 :::8080 :::* LISTEN 909/dockerd
- tcp6 0 0 :::22 :::* LISTEN 925/sshd
- tcp6 0 0 ::1:25 :::* LISTEN 1059/master
- From Inside the VM:
- curl -I http://10.255.7.207:5000/
- HTTP/1.1 200 OK
- From antoher VM on the same LAN:
- curl -vv http://10.255.7.207:5000/
- * connect to 10.255.7.207 port 5000 failed: Connection timed out
- TCPDUMP
- tcpdump -vvnn dst port 5000
- tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
- 17:19:58.879100 IP (tos 0x0, ttl 64, id 38305, offset 0, flags [DF], proto TCP (6), length 60)
- 10.255.7.163.36942 > 10.255.7.207.5000: Flags [S], cksum 0x8245 (correct), seq 2448172036, win 29200, options [mss 1460,sackOK,TS val 583971237 ecr 0,nop,wscale 7], length 0
- 17:19:59.877583 IP (tos 0x0, ttl 64, id 38306, offset 0, flags [DF], proto TCP (6), length 60)
- docker version
- Client:
- Version: 18.06.1-ce
- API version: 1.38
- Go version: go1.10.3
- Git commit: e68fc7a
- Built: Tue Aug 21 17:24:56 2018
- OS/Arch: linux/amd64
- Experimental: false
- Server:
- Engine:
- Version: 18.06.1-ce
- API version: 1.38 (minimum version 1.12)
- Go version: go1.10.3
- Git commit: e68fc7a
- Built: Tue Aug 21 17:23:21 2018
- OS/Arch: linux/amd64
- Experimental: false
- docker info
- Containers: 10
- Running: 7
- Paused: 0
- Stopped: 3
- Images: 11
- Server Version: 18.06.1-ce
- Storage Driver: overlay2
- Backing Filesystem: extfs
- Supports d_type: true
- Native Overlay Diff: true
- Logging Driver: json-file
- Cgroup Driver: cgroupfs
- Plugins:
- Volume: local
- Network: bridge host macvlan null overlay
- Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
- Swarm: active
- NodeID: t20zhzx4xlsii3zjig3guheq5
- Is Manager: true
- ClusterID: 8l5eobl9t7f4rjwy5y4ry3rh2
- Managers: 1
- Nodes: 2
- Orchestration:
- Task History Retention Limit: 5
- Raft:
- Snapshot Interval: 10000
- Number of Old Snapshots to Retain: 0
- Heartbeat Tick: 1
- Election Tick: 10
- Dispatcher:
- Heartbeat Period: 5 seconds
- CA Configuration:
- Expiry Duration: 3 months
- Force Rotate: 0
- Autolock Managers: false
- Root Rotation In Progress: false
- Node Address: 172.31.0.207
- Manager Addresses:
- 172.31.0.207:2377
- Runtimes: runc
- Default Runtime: runc
- Init Binary: docker-init
- containerd version: 468a545b9edcd5932818eb9de8e72413e616e86e
- runc version: 69663f0bd4b60df09991c08812a60108003fa340
- init version: fec3683
- Security Options:
- apparmor
- seccomp
- Profile: default
- Kernel Version: 4.4.0-53-generic
- Operating System: Ubuntu 16.04.5 LTS
- OSType: linux
- Architecture: x86_64
- CPUs: 1
- Total Memory: 992.4MiB
- Name: iitwebuge019
- ID: FZ3W:ZRN2:ZSRO:CUST:BU5T:GAUB:DGNP:C5SR:HOXI:52UZ:G6DH:OSGX
- Docker Root Dir: /var/lib/docker
- Debug Mode (client): false
- Debug Mode (server): false
- Registry: https://index.docker.io/v1/
- Labels:
- Experimental: false
- Insecure Registries:
- 127.0.0.0/8
- Live Restore Enabled: false
- WARNING: No swap limit support
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement