1

I have deployed the Nextcloud Docker image on my Raspberry (ArchLinux ARM) with podman. I have opened port 443/tcp in UFW, but because of UFW Nextcloud is unreachable from outside. If UFW is disabled, everything works fine. Has anyone already configured UFW for podman on port 443?

heybix06
  • It would just be `sudo ufw allow 443`, no? I don't think it would be different for each application. What command did you use to allow that port? – Nick ODell Jan 26 '22 at 21:53

2 Answers

1

Had the same issue, where the moment ufw was enabled no exposed port was reachable from the outside.

tl;dr: what helped me directly was the addition of this rule:

```
iptables -I FORWARD -p tcp ! -i cni-podman0 -o cni-podman0 -j ACCEPT
```

However, it's one of those things I'm not perfectly sure about re SecOps, so I'm hoping there's someone who can improve on that answer.

Credits go to: https://osric.com/chris/accidental-developer/2018/12/docker-versus-podman-and-iptables/

where there's way way more description of the problem given, so give it a read too.

  • Red Hat's recommendation is here, which is a bit more nuanced than this single rule: https://access.redhat.com/solutions/5885821 – Hamish Moffatt Jan 13 '23 at 03:46
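
The rule in the answer above accepts forwarded TCP on every port into `cni-podman0`. As an added example (not part of the answer or of the linked articles), this shell check reads `iptables -S FORWARD` output and reports whether any ACCEPT rule toward the bridge lacks a destination-port restriction. The sample ruleset is constructed, the function names are hypothetical, and only rules directly in FORWARD are inspected, not the chains it jumps to.

```shell
#!/bin/sh
# Added example: audit FORWARD rules that accept traffic into the podman bridge.
BRIDGE="cni-podman0"   # bridge name taken from the answer above

# Constructed sample of `iptables -S FORWARD` output (not captured from a real host).
sample_rules() {
cat <<'EOF'
-P FORWARD DROP
-A FORWARD ! -i cni-podman0 -o cni-podman0 -p tcp -j ACCEPT
-A FORWARD -j ufw-before-forward
EOF
}

# classify_forward: reads `iptables -S FORWARD` text on stdin and prints
# "<policy> <finding>", where finding is one of:
#   broad  - at least one ACCEPT rule out via the bridge has no --dport/--dports
#   scoped - every ACCEPT rule out via the bridge is limited to given ports
#   none   - FORWARD itself holds no ACCEPT rule out via the bridge
classify_forward() {
    awk -v br="$BRIDGE" '
        BEGIN { policy = "?" }
        $1 == "-P" && $2 == "FORWARD" { policy = $3 }
        $1 == "-A" && $2 == "FORWARD" {
            out = ""; target = ""; ported = 0
            for (i = 3; i <= NF; i++) {
                # "! -o br" is a negated match and does not select the bridge
                if ($i == "-o" && $(i - 1) != "!") out = $(i + 1)
                if ($i == "-j") target = $(i + 1)
                if ($i == "--dport" || $i == "--dports") ported = 1
            }
            if (out == br && target == "ACCEPT") {
                if (ported) scoped++; else broad++
            }
        }
        END {
            if (broad) finding = "broad"
            else if (scoped) finding = "scoped"
            else finding = "none"
            print policy, finding
        }'
}

# On a real host (as root): iptables -S FORWARD | classify_forward
sample_rules | classify_forward
```

A result of `DROP broad` means the default-drop policy is bypassed for all TCP ports reaching containers on that bridge, which is the case to compare against the more restrictive Red Hat guidance linked in the comment.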

0

```
ufw allow from [sourceIP] to any port [destinationPort]
```

MrTshoot