Docker Community Forums

Share and learn in the Docker community.

Docker UFW container access on private interface

I’m running Docker and I control my firewall using ufw.

What I want to achieve is to permit inbound access to my container, but to not permit the container to have outbound access to either the Internet or any other container.

I start my Docker daemon with "iptables": false.

I have ufw configured with DEFAULT_FORWARD_POLICY="ACCEPT" and Anywhere ALLOW IN with the intention of allowing access from my local subnet.

I start a container to test docker run -d -p 1234:80 nginx:alpine, however if I try to access nginx on port 1234, the connection times out for both and the local IP address of I can however access nginx via the docker0 interface of

Can someone help me with what iptables (I assume) command I need to run to permit access to the container on both and the private interface over port 1234?