Docker Community Forums

Share and learn in the Docker community.

Wrong iptables port being added by Docker on app startup

docker
security

#1

I am running ubuntu 18.04 with Docker 18.09, both brand new installs. I am trying to create a private registry with harbor, but I need to change the port the database runs on from 5432 to 5433 to prevent conflicts with another app. I have updated the configuration to account for this, including in compose file. When I start up the composed app, it appears to be running on port 5433:

root@docker2:/var/local/harbor# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

bf66634dc38c goharbor/harbor-db:v1.6.3 “/entrypoint.sh post…” About a minute ago Up About a minute (healthy) 0.0.0.0:5433->5432/tcp harbor-db

However, the iptalbes firewall rule docker is creating a rule for 5432 (postgresql) instead of port 5433:
Chain DOCKER (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp – !br-fc018a0d715b br-fc018a0d715b anywhere 172.18.0.2 tcp dpt:10514
0 0 ACCEPT tcp – !br-fc018a0d715b br-fc018a0d715b anywhere 172.18.0.3 tcp dpt:postgresql
0 0 ACCEPT tcp – !br-fc018a0d715b br-fc018a0d715b anywhere 172.18.0.9 tcp dpt:4443
0 0 ACCEPT tcp – !br-fc018a0d715b br-fc018a0d715b anywhere 172.18.0.9 tcp dpt:https
0 0 ACCEPT tcp – !br-fc018a0d715b br-fc018a0d715b anywhere 172.18.0.9 tcp dpt:http

This is preventing the app from working correctly. Why would docker be setting the standard port instead of the custom port rule?