fix(firewall): docker external ports issue

K1nd4SUS · May 20, 2024 · 52377b4 · 52377b4
1 parent c950de3
commit 52377b4
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/firewall/firewall/rules/rules.go b/firewall/firewall/rules/rules.go
@@ -23,7 +23,10 @@ func getIPTablesCommand(config configuration.Configuration, service services.Ser
  }
  }()), service.Chain,
  "-p", service.Protocol,
- "--dport", fmt.Sprintf("%v", service.Port),
+ // taken from:
+ // https://docs.docker.com/network/packet-filtering-firewalls/#match-the-original-ip-and-ports-for-requests
+ "-m", "conntrack",
+ "--ctorigdstport", fmt.Sprintf("%v", service.Port),
  "-j", "NFQUEUE",
  "--queue-num", fmt.Sprintf("%v", service.Nfq),
  )