Docker iptables

The rules I write in iptables are somehow being passed to iptables within Docker. Is there a way to do this without including them in Docker rules?

Please explain your issue in more detail, maybe even with examples. What do you mean by “within Docker”? How do you apply the iptables rules? On the host, or are you trying it inside a container? What kind of rules are you creating? By “in Docker rules”, do you mean rules in the iptables chains of Docker? Can you show what you see?

iptables -F
iptables -X
iptables -t mangle -F

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT


iptables -A INPUT -p tcp -s $ADMIN --dport 8000 -j ACCEPT
iptables -A OUTPUT -p tcp -d $ADMIN --sport 8000 -j ACCEPT

iptables -A OUTPUT -p tcp -d $DB --dport 3306 -j ACCEPT
iptables -A INPUT -p tcp -s $DB --sport 3306 -j ACCEPT



iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT


iptables -I DOCKER-USER -j RETURN
iptables -I DOCKER-USER -s $ADMIN -p tcp --dport 8000 -j ACCEPT
iptables -I DOCKER-USER -j DROP

Docker is somehow bypassing the rules I wrote without joining the Docker chain.
example rule

Do you have any ideas? Can you help?

I am not really an iptables guy, but have you checked the docs?

I’m like @meyay regarding iptables. I only had to add iptables rules once and it meant I had to add it every time I restarted Docker when I worked on a machine where someone also installed another tool that handled iptables rules and I don’t remember it, so the shared iptables guide will hopefully help if you haven’t seen it before.
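
An added example, not code from any post in this thread: traffic to a published container port is DNATed and forwarded, so it is filtered in FORWARD and DOCKER-USER rather than INPUT, and `iptables -I` without an index prepends, which reverses the typed order of the three DOCKER-USER rules above. The interface name `eth0`, the address `203.0.113.10` and all function names are assumptions made for illustration.

```shell
#!/bin/sh
# Assumed values (not from the thread): adjust to the host.
EXT_IF=${EXT_IF:-eth0}          # external interface, assumption
ADMIN=${ADMIN:-203.0.113.10}    # constructed documentation address
PORT=${PORT:-8000}              # published host port from the question

# "iptables -I CHAIN" with no index inserts at position 1, so rules typed
# top to bottom are evaluated bottom to top. This models that ordering:
# stdin = rule specs in typed order, stdout = evaluation order.
eval_order_of_inserts() {
  order=""
  while IFS= read -r rule; do
    order="$rule${order:+
$order}"
  done
  printf '%s\n' "$order"
}

# DOCKER-USER rules in the order they should be evaluated, using -A.
# Only DOCKER-USER is flushed, so Docker's own chains stay intact.
# DOCKER-USER sees packets after DNAT, so --dport would match the
# container port; --ctorigdstport matches the published host port.
# RETURN hands allowed packets back to Docker's chains; the final DROP
# is limited to the external interface so container egress still works.
docker_user_rules() {
  printf '%s\n' \
    "-F DOCKER-USER" \
    "-A DOCKER-USER -m conntrack --ctstate ESTABLISHED,RELATED -j RETURN" \
    "-A DOCKER-USER -i $EXT_IF -s $ADMIN -p tcp -m conntrack --ctorigdstport $PORT --ctdir ORIGINAL -j RETURN" \
    "-A DOCKER-USER -i $EXT_IF -j DROP"
}

# Dry run by default: prints the commands. APPLY=1 (as root) runs them.
apply_docker_user_rules() {
  docker_user_rules | while IFS= read -r rule; do
    if [ "${APPLY:-0}" = 1 ]; then
      iptables $rule            # unquoted on purpose: split into arguments
    else
      echo "iptables $rule"
    fi
  done
}

apply_docker_user_rules
```

Feeding the three `-I DOCKER-USER` lines from the question into `eval_order_of_inserts` shows the unconditional DROP ending up first in the chain.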