Version Information
Ubuntu: 24.04.1-desktop-amd64_2
Docker: 27.4.1
IP Addresses
Host Machine: 192.168.173.130
docker0 Interface: 172.17.0.1
Nginx Docker Container: 172.17.0.2
Deployment Details
I have deployed an Nginx server with the following port mappings: -p 9527:80 and -p 443:443. At this point, UFW (Uncomplicated Firewall) is disabled.
Accessing 192.168.173.130:9527 via browser works fine.
Accessing 192.168.173.130:9527 using curl on the host machine works fine.
Accessing 192.168.173.130:9527 from inside the Nginx container works fine.
Issue with UFW Enabled
However, when UFW is enabled:
Accessing 192.168.173.130:9527 via browser still works fine.
Accessing 192.168.173.130:9527 using curl on the host machine still works fine.
Accessing 192.168.173.130:9527 from inside the Nginx container fails.
So I went into the Nginx container: ping 192.168.173.130 goes through, but telnet 192.168.173.130 9527 does not work, so I confirmed that it is a port problem. After I opened port 9527 in UFW, accessing 192.168.173.130:9527 from inside the Nginx container works fine.
But the problem is strange, and theoretically UFW should not be able to intercept it. I have also verified before, on CentOS 7.9 and Docker 26, that port 9527 is opened without a firewall.
What is the problem? I’m testing on 1, ubuntu-24.04.1-desktop-amd64_2, docker version 26, and the problem still exists
I looked at the iptables logs, and it looked like the traffic was intercepted; I saw that it was indeed blocked:
2025-01-16T11:10:02.840579+08:00 local-ubuntu24 kernel: [UFW BLOCK] IN=docker0 OUT= MAC=02:42:f4:08:ef:e3:02:42:ac:11:00:03:08:00 SRC=172.17.0.2 DST=192.168.173.130 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=31489 DF PROTO=TCP SPT=53058 DPT=9650 WINDOW=64240 RES=0x00 SYN URGP=0
I don’t really understand what the problem is, my reinstall and reboot didn’t work.
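An added example, not part of the original post: a small parser that reads the IN=/OUT= fields of a `[UFW BLOCK]` kernel log line to tell which filter chain logged the packet. In netfilter log output, IN set with OUT empty means the packet was being delivered to the host itself (INPUT, where UFW's incoming policy applies), while both set means it was being forwarded. The function names and the second sample line are constructed for illustration.

```python
import re

# Log line copied verbatim from the post above.
POST_LINE = (
    "2025-01-16T11:10:02.840579+08:00 local-ubuntu24 kernel: [UFW BLOCK] "
    "IN=docker0 OUT= MAC=02:42:f4:08:ef:e3:02:42:ac:11:00:03:08:00 "
    "SRC=172.17.0.2 DST=192.168.173.130 LEN=60 TOS=0x00 PREC=0x00 TTL=64 "
    "ID=31489 DF PROTO=TCP SPT=53058 DPT=9650 WINDOW=64240 RES=0x00 SYN URGP=0"
)
# Constructed line for contrast: a packet routed from the LAN to a container.
FORWARDED_LINE = (
    "kernel: [UFW BLOCK] IN=ens33 OUT=docker0 SRC=192.168.173.1 "
    "DST=172.17.0.2 PROTO=TCP SPT=40000 DPT=80 SYN"
)

TAG = re.compile(r"\[UFW (?P<action>[A-Z ]+)\]")
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")  # value may be empty, e.g. "OUT="


def parse_ufw_line(line):
    """Return the KEY=VALUE fields of a UFW log line, or None if untagged."""
    tag = TAG.search(line)
    if tag is None:
        return None
    fields = dict(FIELD.findall(line[tag.end():]))
    fields["ACTION"] = tag.group("action")
    return fields


def chain_of(fields):
    """Infer the filter chain from which interface fields are populated."""
    has_in, has_out = bool(fields.get("IN")), bool(fields.get("OUT"))
    if has_in and has_out:
        return "FORWARD"   # routed through the host
    if has_in:
        return "INPUT"     # addressed to the host itself
    return "OUTPUT" if has_out else "UNKNOWN"


def summarize(line):
    """Condense a UFW log line to the fields needed for diagnosis."""
    f = parse_ufw_line(line)
    if f is None:
        return None
    return {"action": f["ACTION"], "chain": chain_of(f), "iface": f.get("IN"),
            "src": f.get("SRC"), "dst": f.get("DST"),
            "proto": f.get("PROTO"), "dpt": f.get("DPT")}


if __name__ == "__main__":
    for sample in (POST_LINE, FORWARDED_LINE):
        print(summarize(sample))
```

For the line in the post this reports chain INPUT on interface docker0, meaning the packet was evaluated as traffic to the host itself rather than as forwarded traffic.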