The Docker container uses TCP port 8060 for the NetFlow Analyzer admin interface and UDP port 9996 for incoming NetFlow flows.
I started the container like this, as a normal user:
Code:
docker run --detach --publish 8060:8060 babim/netflow:latest
Code:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2107a6a17e81 babim/netflow:latest "/docker-entrypoint.…" 3 minutes ago Up 3 minutes 0.0.0.0:8060->8060/tcp, 9996/tcp, 9996/udp kind_jang
Code:
nc -w 5 -v 192.168.2.14 8060
This is the iptables output on the server:
Code:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy DROP)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain DOCKER (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere 172.17.0.2 tcp dpt:8060
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target prot opt source destination
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-ISOLATION-STAGE-2 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere
RETURN all -- anywhere anywhere
What on earth is blocking access to the container from outside?
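As an added example, not from the post above: a small POSIX shell audit that parses the PORTS column of `docker ps` and the DOCKER chain of `iptables -L` into one line per port, so you can see which container ports are actually published on a host interface and which the firewall lets through. The sample strings are constructed from the output quoted in the post.

```shell
#!/bin/sh
# Classify the PORTS column of `docker ps`. Prints one line per mapping:
#   published <hostaddr> <hostport> <proto> <containerport>   (reachable from the host's network)
#   exposed-only <containerport> <proto>                      (only reachable on the bridge)
classify_ports() {
    printf '%s\n' "$1" | tr ',' '\n' | sed 's/^ *//; s/ *$//' | awk '
        /->/ {
            split($0, a, "->")            # a[1]="0.0.0.0:8060", a[2]="8060/tcp"
            n = split(a[1], h, ":")       # last field is the host port (also works for ":::8060")
            hostport = h[n]
            hostaddr = a[1]
            sub(":" hostport "$", "", hostaddr)
            split(a[2], c, "/")           # c[1]=container port, c[2]=protocol
            printf "published %s %s %s %s\n", hostaddr, hostport, c[2], c[1]
            next
        }
        /\// { split($0, c, "/"); printf "exposed-only %s %s\n", c[1], c[2] }
    '
}

# Number of mappings that are NOT reachable from outside the host.
count_unpublished() {
    classify_ports "$1" | grep -c '^exposed-only'
}

# From `iptables -L DOCKER`-style output, list what the DOCKER chain actually
# accepts: "<proto> <dport> <container ip>". Anything not listed here is not
# forwarded to the container, whatever the image exposes.
docker_chain_accepts() {
    printf '%s\n' "$1" | awk '$1 == "ACCEPT" && $NF ~ /^dpt:/ {
        sub("dpt:", "", $NF); print $2, $NF, $5 }'
}

# Constructed sample input, copied from the post's docker ps / iptables output.
SAMPLE_PORTS='0.0.0.0:8060->8060/tcp, 9996/tcp, 9996/udp'
SAMPLE_DOCKER_CHAIN='Chain DOCKER (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere 172.17.0.2 tcp dpt:8060'

echo "== port mappings =="
classify_ports "$SAMPLE_PORTS"
echo "== DOCKER chain accepts =="
docker_chain_accepts "$SAMPLE_DOCKER_CHAIN"
echo "unpublished mappings: $(count_unpublished "$SAMPLE_PORTS")"
```

On a live host, feed it `docker ps --format '{{.Ports}}'` and `iptables -L DOCKER -n` instead of the sample strings.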