Dear all,I am trying to access SSH in a Docker container via a port forwarding from Docker, which works via IPv6 but not IPv4 (!).
Setup: enp35s0, main interface to world, IPv4 144.76.173.241 docker0, docker bridge interface, Container IP is 172.17.0.4Docker file has " --publish 9202:22" meaning bind host 0.0.0.0:9202 and forward to container:22.
In Shorewall, net to $FW has tcp/9202 as allowed. Observations:- Connection to 144.76.173.241:9202 does not work (Network unreachable), IPv6 connection does work (SSH connection established). - Connection from the Docker Container to 144.76.173.241:9202 works (via IPv4, as Docker is IPv4-only!), SSH connection works.
Also: # cat /etc/shorewall/shorewall.conf | grep DOCKER DOCKER=Yes # cat /proc/sys/net/ipv4/ip_forward 1 /sbin/shorewall dump: attached! Connection tried from 109.91.174.146 to 144.76.173.241:9202.I assume some kind of masquerading is missing, but I am way out of my depth here. Any ideas? At some point I also tried removing the publish command from Docker and used "DNAT net docker:172.17.0.4:22 tcp 9202", which also did not work.
Thank you, Philipp
shorewall_dump.txt.bz2
Description: Binary data
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
