Minecraft Velocity Server

Hello, I have created a docker container with velocity I have configured everything correctly. I created GRE tunnel from protected VPS server to my non protected Dedicated server, but when I run just velocity without docker tunneling works fine, when I run it in docker I am not allowed to the server through the ip of protected VPS, I tried to put in ports 0.0.0.0.0:25565:25565, there is no problem here it catches the ip of aders even if I put 1.1.1.1.1 it gives an error so the problem is not in the configuration. I think that docker creates some rules in iptables which do not allow to connect from remote ip addresses, below I have given all configurations and so on, please help. Translated with DeepL.com (free version) service-proxy on docker-compose.yml:

  proxy:
    image: itzg/bungeecord
    container_name: proxy
    networks:
      servers:
        ipv4_address: 172.19.0.2
    ports:
      - "0.0.0.0:25565:25565"
    restart: always
    environment:
      - MEMORY=6G
      - TYPE=CUSTOM
      - BUNGEE_JAR_FILE=V311.jar
      - TZ=Europe/Berlin
      - LANG=C.UTF-8
    user: "1000"
    volumes:
      - "/home/velocity:/server" 
    stdin_open: true
    tty: true

iptables:

Chain DOCKER (2 references)
num  target     prot opt source               destination         
1    ACCEPT     tcp  --  anywhere             172.19.0.4           tcp dpt:8123
2    ACCEPT     tcp  --  anywhere             172.19.0.4           tcp dpt:8010
3    ACCEPT     tcp  --  anywhere             172.19.0.6           tcp dpt:mysql
4    ACCEPT     tcp  --  anywhere             172.19.0.7           tcp dpt:8125
5    ACCEPT     tcp  --  anywhere             172.19.0.3           tcp dpt:irdmi
6    ACCEPT     tcp  --  anywhere             172.19.0.2           tcp dpt:25565
7    ACCEPT     tcp  --  anywhere             172.19.0.4           tcp dpt:teradataordbms
8    ACCEPT     tcp  --  anywhere             172.19.0.7           tcp dpt:mcreport
9    ACCEPT     tcp  --  anywhere             172.19.0.5           tcp dpt:8124
10   ACCEPT     tcp  --  anywhere             172.19.0.5           tcp dpt:8011
11   ACCEPT     tcp  --  anywhere             172.19.0.5           tcp dpt:vcom-tunnel

I also added to this NAT permission to connect from any ip addresses to port 25565, but that didn’t help.

Docker does not do such thing. A firewall like ufw ir firewalld could. By the way, are you using Docker Desktop as the chosen category suggests?

Is the process in the container listening on port 25565?

What is the exact error message? According to the image description, it listens on port 25577

https://hub.docker.com/r/itzg/bungeecord

You can also find compose files on GitHub:

Yes, as I said I have a GRE tunnel from a secured VPS server to a non secured dedicated server, the container itself with my proxy works fine I can connect via dedicatedip:25565 but I can’t connect via vpsip:25565.

But in case I run velocity without docker, everything works fine and I can connect via vpsip:25565.

I don’t know the image, so please, help to understand some things.

How the port in which the process is listening can be set? Does the port number depends on what jar file you mount? I don’t understand it, becaue even the healtccheck script checks the port you set in SERVER_PORT and I don’t see where it was changed.

The default server port is not to which you forward the host port

I don’t see where you changed the port.

If the ports are right, then maybe there is something in an external or internal firewall.

I’M not saying I completely understand your infrastructure though. I asked some questions which you didnt anwer like about Docker Desktop and the exact error message. Please, answer those too. There is a reason we ask these things. Thank you.