How to Fix the Plesk Firewall Do Not Block Connections to Docker Container Error?

How to Fix the Plesk Firewall Do Not Block Connections to Docker Container Error?

Docker is a really useful tool for development teams. It offers virtual containers where you can store your code and deliver services to your end users. When you start using Docker, it install two custom iptables chains. These are:

Code:
DOCKER-USER
DOCKER
These two chains handle the incoming packets.

You should know that Plesk doesn’t have the authoritative power to edit or make changes to the chains.

There is a simple way you can fix this error. Here are the steps involved:
  • Using SSH, connect to server
  • Add the rule to DOCKER-USER chain as per verified in FORWARD:
  • If you don’t want any public network to access:
Code:
# iptables -I DOCKER-USER -d 172.17.0.2 -p tcp --dport <DOCKER_CONTAINER_PORT> -j DROP
  • Replace <DOCKER_CONTAINER_PORT> with the correct container port number
  • If you want to allow access from certain IP addresses and deny access to the public network, then add these codes:
  • Code:
    # iptables -I DOCKER-USER -d 172.17.0.2 -p tcp --dport <DOCKER_CONTAINER_PORT> -j DROP# iptables -I DOCKER-USER -d 172.17.0.2 -p tcp --dport <DOCKER_CONTAINER_PORT> -s <ALLOWED_IPS> -j ACCEPT
  • Replace <ALLOWED_IPS> with the IP addresses to which you want to give access.
  • Then, you need to remove the Firewall extension
  • Lastly, you’d have to save the iptables rules to the file system. This is an OS-specific task.
For CentOS=/RHEL-based distributions, connect to server and execute the following commands:

Code:
# service iptables save
Saving firewall rules to /etc/sysconfig/iptables: [ OK ]
# service ip6tables save
Saving firewall rules to /etc/sysconfig/ip6table[ OK ]
For Debian/Ubuntu-based distributions, first you have to install iptables-persistent to load firewall rules when the server starts. Then you can save the rules to the file system. Execute these codes one by one:

Code:
# apt-get install iptables-persistent
# netfilter-persistent save
So that’s how you deal with the ‘Plesk Firewall do not block connections to Docker container’ error.
Author
kumkumsharma
Views
2,205
First release
Last update
Rating
0.00 star(s) 0 ratings

More resources from kumkumsharma

Top