Hello,
how can i block port 8000 with iptables from outside for all docker-containers?
Port 8000 is used by COOLIFY!!!
Where does docker save the iptables-rules permanently in Ubuntu 24.04?
Best regards
MB
Share and learn in the Docker community.
Hello,
how can i block port 8000 with iptables from outside for all docker-containers?
Port 8000 is used by COOLIFY!!!
Where does docker save the iptables-rules permanently in Ubuntu 24.04?
Best regards
MB
Hello and welcome,
why is it neccessary to block access from the outer world to the containers port :8000?
If you donât want to have access to containerâs port :8000
donât publish these ports to the outside world. You can still access the containers from other containers using the container-name and port :8000
(to stay with this port in this example).
Or if you need access only from your host machine but not from the outside world you can publish the containers port to 127.0.0.1:8000
instead of publishing it to 0.0.0.0:8000
as in the following snippet from a docker-compose.yml
ports:
- "127.0.0.1:8000:8000"
This made me curious
I wonder if there is some way to disable the loopback address (127.0.0.1) and set up a DNS which redirects 127.0.0.1 to a specific machine
If that is possible, would the container accept a request sent to it then?
Edit: Oops, not a DNS, that doesnât do IPs, itâs a network level issue, sorry, brainfart
Everything to know about Docker and iptables is probably here
Search for DOCKER-USER
HELP:
Where does docker save the iptables-rules permanently in Ubuntu 24.04?
Port 8000:
I have installed COOLIFY and now i will close the port 8000 - but all rules doesnât work!
Best regards
MB
HELP:
Where does docker save the iptables-rules permanently in Ubuntu 24.04?
It doesnât. I stores container and network metadata and create the rules when you start Docker. I shared the documentation about the topic, but I rarely write iptables rules and just donât forward ports to containers instead of trying to undo that using iptables.
Thank you!
In which files can I find the rules that docker loads after startup?
There must be a rule for port 8000 somewhere - which COOLIFY uses - right?
Best regards
I donât think it is a single file. As I wrote there is network metadata and individual containerIt wouldnât help. And you should never touch those files. The network database is a binary file anyway and there are container metadata json files and lots of other files under the docker data root (/var/lib/docker
). Since I had a post about the network database, I can share
but it will still not help. It is not something you will change.