a guest
Apr 22nd, 2018
# Solves the problem with open ports with docker and ufw
# Because Docker publishes ports through the nat table, traffic to containers goes through the filter table FORWARD chain and does not touch the ufw-input chains as expected.
# Even for ufw-forward chains it would not work, as DOCKER chains are inserted in front.
# This is a simple fix that worked for me. iptables-restore --noflush iptables-docker-ufw.save

# Add the following lines to /etc/ufw/after.rules

*filter
:DOCKER-USER - [0:0]
:ufw-user-input - [0:0]

# Let packets of already-tracked connections through and drop invalid ones.
-A DOCKER-USER -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A DOCKER-USER -m conntrack --ctstate INVALID -j DROP
# Send traffic arriving on eth0 through the ufw user rules; whatever they do not accept is dropped.
# This runs after Docker's DNAT, so the ufw rules match the container port, not the published host port.
-A DOCKER-USER -i eth0 -j ufw-user-input
-A DOCKER-USER -i eth0 -j DROP
COMMIT
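
A check that the loaded DOCKER-USER chain really has the layout above: the jump to ufw-user-input, then the DROP, with nothing earlier in the chain that lets traffic from the interface skip them. This is an added example, not part of the original paste; the function name `check_docker_user`, its messages and both sample dumps are constructed for illustration, and it assumes `awk` is available.

```shell
#!/bin/sh
# Added example: audit an `iptables-save -t filter` dump read from stdin.
# Live use (as root): iptables-save -t filter | check_docker_user eth0
# Textual matching only; negated matches such as "! -i eth0" are not handled.
check_docker_user() {
    awk -v ifc="${1:-eth0}" '
        $1 == "-A" && $2 == "DOCKER-USER" {
            n++
            on_if = (index($0 " ", " -i " ifc " ") > 0)
            any_if = (index($0, " -i ") == 0)
            est = ($0 ~ /--ctstate (RELATED,ESTABLISHED|ESTABLISHED,RELATED) /)
            if (on_if && !jump && $0 ~ /-j ufw-user-input$/) jump = n
            if (on_if && !drop && $0 ~ /-j DROP$/) drop = n
            # An ACCEPT/RETURN that matches this interface before the DROP is a bypass.
            if ((on_if || any_if) && !est && !drop && $0 ~ /-j (ACCEPT|RETURN)$/) {
                printf "FAIL rule %d passes traffic before the DROP: %s\n", n, $0
                bad = 1
            }
        }
        END {
            if (!jump) { print "FAIL no jump to ufw-user-input for " ifc; bad = 1 }
            if (!drop) { print "FAIL no final DROP for " ifc; bad = 1 }
            if (jump && drop && drop < jump) { print "FAIL DROP precedes the jump"; bad = 1 }
            if (!bad) print "OK " ifc " is filtered by ufw-user-input, then dropped"
            exit bad + 0
        }'
}

# Constructed sample dumps (not captured from a real host).
GOOD_DUMP='*filter
:DOCKER-USER - [0:0]
:ufw-user-input - [0:0]
-A DOCKER-USER -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A DOCKER-USER -m conntrack --ctstate INVALID -j DROP
-A DOCKER-USER -i eth0 -j ufw-user-input
-A DOCKER-USER -i eth0 -j DROP
-A DOCKER-USER -j RETURN
COMMIT'
# Same rules, but an unconditional RETURN already sits at the top of the chain.
BAD_DUMP='*filter
:DOCKER-USER - [0:0]
-A DOCKER-USER -j RETURN
-A DOCKER-USER -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A DOCKER-USER -i eth0 -j ufw-user-input
-A DOCKER-USER -i eth0 -j DROP
COMMIT'

printf '%s\n' "$GOOD_DUMP" | check_docker_user eth0
printf '%s\n' "$BAD_DUMP" | check_docker_user eth0 || echo "bad dump rejected"
```

Pass the host's real external interface name as the argument; a dump checked against the wrong name fails because no rule for that interface is found.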