Answer the question
In order to leave comments, you need to log in
D
D
Drno2022-02-15 14:16:19
Drno, 2022-02-15 14:16:19
Why is iptables not closing a port?
Good day. I try to close the iptables port from outside, but the rule does not work.
I have a service on port 81, in docker. I want the port to be closed through the external interface (except for one IP), I will go through Localhost
What I do - I
allow access to the port from my IP
iptables -A INPUT -s 188.242.111.111 -p tcp --dport 81 -j ACCEPT I
prohibit access to this port to external interface
iptables -A INPUT -i enp2s0 -p tcp --dport 81 -j DROP
output iptables -L -n -v
5 answer(s)
@voleg4u
@iDmitriyWinX
Services will be able to communicate with each other, but this service will not be available from the outside.
And to do something there yourself, use docker exec
@dronmaxman
@Zzzz9
O
Oleg Volkov, 2022-02-15 @voleg4u
Docker has its own tables, and you edit the main ones. See real life withiptables-save
R
Rag'n' Code Man, 2022-02-15 @iDmitriyWinX
So just don't expose the service port to the outside in your docker-compose file:
ports:
- "81"Services will be able to communicate with each other, but this service will not be available from the outside.
And to do something there yourself, use docker exec
A
Andrey Barbolin, 2022-02-15 @dronmaxman
If so?
iptables -t nat -A PREROUTING -s 188.242.111.111 -p tcp --dport 81 -j ACCEPT
iptables -t nat -A PREROUTING -i enp2s0 -p tcp --dport 81 -j DROP
iptables -nvL -t natZ
Zzzz9, 2022-02-15 @Zzzz9
Little information, do you have internet on enp2s0 or some pppoe, tun?
look at iptables-save and ip add.
On counters 0 and on ACCEPT and on DROP
Similar questions
I
Ilya Derevyannykh2020-10-07 22:21:50
Is it possible to automatically change prices in Woocommerc?
4Reply
R
A
V
Vadim2018-10-19 21:34:54
The top command shows a user that is not present. How is this possible?
1Reply
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question