Running Docker containers on a host that uses the UFW firewall can be challenging because Docker manipulates iptables rules by default. However, with some configuration, you can ensure that Docker and UFW work well together. Below is a step-by-step guide to configuring Docker so that it does not interfere with iptables, and to setting up UFW rules manually.
1. Configure the Docker daemon: set "iptables" to false
sudo vi /etc/docker/daemon.json
The file should look like this:
{
    "runtimes": {
        "nvidia": {
            "path": "nvidia-container-runtime",
            "runtimeArgs": []
        }
    },
    "iptables": false
}
2. Restart Docker
sudo systemctl restart docker
3. Modify UFW Forward Policy
sudo sed -i -e 's/DEFAULT_FORWARD_POLICY="DROP"/DEFAULT_FORWARD_POLICY="ACCEPT"/g' /etc/default/ufw
4. Reload UFW to apply the changes:
sudo ufw reload
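To confirm that the steps above took effect, the following added example (not part of the original guide) parses both files and reports anything left unchanged. The sed command in step 3 only matches a current value of "DROP" and silently does nothing otherwise, and "iptables" must be the JSON boolean false rather than a string. The function names and sample strings are constructed for illustration.

```python
#!/usr/bin/env python3
"""Added example: verify the Docker and UFW settings from steps 1-4."""
import json
import re
import sys

# Constructed samples (not from a real host) showing the two failure modes.
SAMPLE_DAEMON_STRING = '{"runtimes": {}, "iptables": "false"}'  # string, not boolean
SAMPLE_UFW_REJECT = '# comment\nDEFAULT_FORWARD_POLICY="REJECT"\n'  # sed did not match

def docker_iptables_disabled(text):
    """True only if text is valid JSON with "iptables" set to boolean false."""
    try:
        cfg = json.loads(text)
    except json.JSONDecodeError:
        return False
    return isinstance(cfg, dict) and cfg.get("iptables") is False

def ufw_forward_policy(text):
    """Return the last uncommented DEFAULT_FORWARD_POLICY value, or None."""
    policy = None
    for line in text.splitlines():
        m = re.match(r'\s*DEFAULT_FORWARD_POLICY=["\']?(\w+)', line)
        if m:
            policy = m.group(1).upper()
    return policy

def check(daemon_text, ufw_text):
    """Return a list of problems; an empty list means both settings are in place."""
    problems = []
    if not docker_iptables_disabled(daemon_text):
        problems.append('daemon.json: "iptables" is not the JSON boolean false')
    policy = ufw_forward_policy(ufw_text)
    if policy != "ACCEPT":
        problems.append(f"ufw: DEFAULT_FORWARD_POLICY is {policy}, expected ACCEPT")
    return problems

if __name__ == "__main__":
    daemon_path = sys.argv[1] if len(sys.argv) > 1 else "/etc/docker/daemon.json"
    ufw_path = sys.argv[2] if len(sys.argv) > 2 else "/etc/default/ufw"
    with open(daemon_path) as d, open(ufw_path) as u:
        found = check(d.read(), u.read())
    for problem in found:
        print("FAIL:", problem)
    sys.exit(1 if found else 0)
```

Run it after step 4; it exits non-zero and prints one line per setting that is not in place.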