firewalld & docker - interaction
Posted: 2020/01/13 18:48:55
Hi,
I'm currently using CentOS 7 as a server. I use firewalld to restrict access to my server as much as possible. Only my ssh and nginx are accessible... Well, actually this is what I thought.
I've discovered a really annoying problem: I use PostgreSQL inside a docker (I use the official image) and for an unknown reason, I can access my database on port 5432 (default port for PostgreSQL) from outside even though the only active zone is the following one:
The nginx service allows ports 80 and 443, and the ssh service allows port 22.
public (active)
  target: default
  icmp-block-inversion: yes
  interfaces: eth0
  sources:
  services: nginx ssh
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
I don't understand why psql is accessible from outside. As far as I know, I suspect Docker because I've had a similar issue when I used a Debian server. Docker tends to meddle with iptables and overwrites rules.
Thanks for your help!
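
An added example, not part of the original post: a shell check that lists container ports published on all interfaces and flags those the firewalld zone above does not open. The container names and the `docker ps` sample are constructed, the `|` separator is an assumed `--format` choice, and the allowed list is taken from the poster's description of the nginx and ssh services.

```shell
#!/bin/sh
# Constructed sample of: docker ps --format '{{.Names}}|{{.Ports}}'
SAMPLE_PS='db|0.0.0.0:5432->5432/tcp
web|0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp
cache|127.0.0.1:6379->6379/tcp
worker|8080/tcp'

# Ports opened by the zone services as described in the post
# (nginx: 80 and 443, ssh: 22). Assumed to be TCP.
ALLOWED='22/tcp 80/tcp 443/tcp'

# Read "name|ports" lines on stdin and print "name port/proto" for every
# mapping that is published on all interfaces (IPv4 or IPv6 wildcard).
published_everywhere() {
    awk -F '|' '{
        n = split($2, maps, /, */)
        for (i = 1; i <= n; i++) {
            m = maps[i]
            if (m !~ /->/) continue                        # exposed only, not published
            if (m !~ /^(0\.0\.0\.0|::|\[::\]):/) continue  # bound to one specific address
            host = m; sub(/->.*/, "", host); sub(/.*:/, "", host)
            proto = m; sub(/.*\//, "", proto)
            print $1, host "/" proto
        }
    }'
}

# Keep only the published mappings whose host port is not in ALLOWED.
unexpected_exposure() {
    published_everywhere | while read -r name port; do
        case " $ALLOWED " in
            *" $port "*) ;;               # also opened in the zone, expected
            *) echo "$name $port" ;;      # reachable, but absent from the zone
        esac
    done
}

# Run against the constructed sample; on a live host, pipe in
# docker ps --format '{{.Names}}|{{.Ports}}' instead.
printf '%s\n' "$SAMPLE_PS" | unexpected_exposure
```

Publishing the database with an explicit loopback binding, for example `-p 127.0.0.1:5432:5432`, keeps the mapping off the external interface, which is why the `cache` line in the sample is not flagged.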