Inside docker

General firewall tables works, but there is a problem with connection state matching. Matching new connection works, but matching the rest of the same connection using RELATED and ESTABLISHED doesn't work:

 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  *      *       10.21.0.0/16         0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  *      *       10.22.0.0/16         0.0.0.0/0            ctstate RELATED,ESTABLISHED
    1    60 ACCEPT     all  --  *      *       192.168.64.0/21      10.21.0.0/16         ctstate NEW
    6   300 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with tcp-reset
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0

Tools

menus and quick search

quick search

site status

Page Tools

meta data for this page

Inside docker