http://192.168.180.206:8001/ 2026-05-13T00:25:57+00:00 http://192.168.180.206:8001/ http://192.168.180.206:8001/_media/wiki:dokuwiki.svg text/html 2020-02-26T20:43:47+00:00 Anonymous (anonymous@undisclosed.example.com) http://192.168.180.206:8001/linux:docker:network:firewall?rev=1582749827&do=diff Docker plays with host iptables firewall with every container action. The best is to manipulate firewall manually. [Service] ExecStart= ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --iptables=false text/html 2020-03-16T08:43:52+00:00 Anonymous (anonymous@undisclosed.example.com) http://192.168.180.206:8001/linux:docker:network:iptables?rev=1584348232&do=diff Inside docker General firewall tables works, but there is a problem with connection state matching. Matching new connection works, but matching the rest of the same connection using RELATED and ESTABLISHED doesn't work: pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 10.21.0.0/16 0.0.0.0/0 ctstate RELATED,ESTABLISHED 0 0 ACCEPT all -- * * 10.22.0.0/16 0.0.0.0/0 …