Restrict all ports, except 443 and 80 (allow all from my ip)

nick50 · September 2, 2019, 8:50am

Hello, I have this question.
My goal is to restrict all ports except from my ip address, ports 443 and 80 make public for all.
I found this useful link in documentation, but that blocks all ports:

Then I found more, but they didn’t work at all:

gist.github.com

https://gist.github.com/tehmoon/b1c3ae5e9a67d66186361d4728bed799#file-iptables-reload-sh

iptables-reload.sh

#!/bin/sh
set -e

## SEE https://medium.com/@ebuschini/iptables-and-docker-95e2496f0b45

## You need to add rules in DOCKER-BLOCK AND INPUT for traffic that does not go to a container.
## You only need to add one rule if the traffic goes to the container

CWD=$(cd "$(dirname "${0}")"; pwd -P)
FILE="${CWD}/$(basename "${0}")"

This file has been truncated. show original

I think I’m very close, but still can’t make it work.
It either blocks everything or nothing.

Thanks for any help.

nick50 · September 13, 2019, 7:40am

So i have been debugging, and I found some new information:

It was working, I could reach ports 80, 443 form anywhere and other ports where accessible only via my ip.
But there is another problem.
This “tweak” blocked all outgoing traffic from containers to outer world, which I need, because my containers are downloading styles and fonts from google.

I found this, which sadly didn’t help: Configuring iptables to let Docker containers access out.

Thanks for any help.

Topic		Replies	Views
Restricting External Container Access with Iptables General	5	47810	November 14, 2018
Restricting exposed Docker ports with iptables General	2	9544	March 18, 2022
Trying to block Traffic from outside to container with iptables General docker	4	3391	September 23, 2020
Iptables to allow outgoing from docker container, redirect everything else General	3	2718	February 24, 2021
Not able to access port exposed from docker container General docker	0	2871	October 24, 2016

Restrict all ports, except 443 and 80 (allow all from my ip)

Related Topics