
I have installed Docker, but the standard policy is all open. I added these rules in iptables:

 -N DOCKER-USER
 -I DOCKER-USER -p tcp --dport 80  -j ACCEPT
 -I DOCKER-USER -p tcp --dport 443 -j ACCEPT
 -A DOCKER-USER -i eth0 -j DROP

But the result is:

Chain DOCKER-USER (1 references)
target     prot opt source               destination         
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:443
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80      
DROP       all  --  0.0.0.0/0            0.0.0.0/0  
  • I have the same issue. As soon as I started changing the `DOCKER-USER` chain, Docker stopped adding it to the `FORWARD` chain and I can't figure out how to make Docker use it again. – Jayen Mar 22 '19 at 10:25
  • For whatever reason, Docker isn't creating the `DOCKER-USER` chain until I reboot. – Jayen Mar 22 '19 at 10:39

1 Answer


You should not need to create DOCKER-USER. It should already exist, and the FORWARD chain should use it. I have found that you need to stop all running containers and restart docker to make it appear.

Jayen
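
A check for the condition the answer describes, as an added example that is not part of the original post: it reads `iptables -S` output and reports when `DOCKER-USER` is missing, is not referenced from `FORWARD`, or does not end with the interface-bound DROP. The function names and both sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example: audits `iptables -S` output read from stdin.
# Function names are hypothetical; sample rulesets are constructed.

# Succeeds if the FORWARD chain jumps to DOCKER-USER.
forward_uses_docker_user() {
    grep -Eq '^-A FORWARD( .*)? -j DOCKER-USER$'
}

# Succeeds if the last DOCKER-USER rule is a DROP bound to interface $1.
ends_with_drop_on() {
    last=$(grep -E '^-A DOCKER-USER ' | tail -n 1)
    case "$last" in
        "-A DOCKER-USER -i $1 -j DROP") return 0 ;;
        *) return 1 ;;
    esac
}

# Prints one finding per line; prints nothing when the ruleset passes.
# $1 is the external interface (defaults to eth0, as in the question).
audit_ruleset() {
    rules=$(cat)
    iface=${1:-eth0}
    printf '%s\n' "$rules" | grep -q '^-N DOCKER-USER$' \
        || echo "DOCKER-USER chain is missing"
    printf '%s\n' "$rules" | forward_uses_docker_user \
        || echo "FORWARD does not jump to DOCKER-USER"
    printf '%s\n' "$rules" | ends_with_drop_on "$iface" \
        || echo "DOCKER-USER does not end with DROP on $iface"
}

# Constructed sample: the question's rules, with the chain not wired into
# FORWARD (the state described in the comments).
SAMPLE_BROKEN='-P FORWARD ACCEPT
-N DOCKER-USER
-A DOCKER-USER -p tcp -m tcp --dport 443 -j ACCEPT
-A DOCKER-USER -p tcp -m tcp --dport 80 -j ACCEPT
-A DOCKER-USER -i eth0 -j DROP'

# Constructed sample: the same rules once FORWARD references the chain.
SAMPLE_OK="$SAMPLE_BROKEN
-A FORWARD -j DOCKER-USER"

# On a live host (as root): iptables -S | audit_ruleset eth0
printf '%s\n' "$SAMPLE_BROKEN" | audit_ruleset eth0
```

`iptables -S` is used here because `iptables -L` without `-v` omits the `-i eth0` match, which is why the DROP line in the question's listing looks unconditional.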