Coming soon - Get a detailed view of why an account is flagged as spam!
view details

This post has been de-listed

It is no longer included in search results and normal feeds (front page, hot posts, subreddit posts, etc). It remains visible only via the author's post history.

0
port forwarding works only for bridge IP, but not for host IP
Post Body

Hi All,

I have a wierd problem which I can't figure out muself.

I have this simple container running on my docker with default launch command, i.e:

 docker run -it --rm --cap-add NET_ADMIN -p 1080:1080 -e USER=<email> -e PASS='<pass>' -e TECHNOLOGY=NordLynx twitchax/nordvpn-proxy

It's connected to the default bridge and it exposes socks proxy on port 1080. I can reach that proxy if I connect via bridge IP (i.e. 172.17.0.4 ) but I cannot connect to it via host IP.

While I have Portainer on the same default bridge and I can access it via forwarded port on the host w/o any issues. Any ideas what's wrong here?

root@ubuntu:~# docker port nostalgic_galois
1080/tcp -> 0.0.0.0:1080

root@ubuntu:~# netstat -tulp | grep socks
tcp6       0      0 [::]:socks              [::]:*                  LISTEN      3539426/docker-proxy

root@ubuntu:~# docker ps
CONTAINER ID        IMAGE                                            COMMAND                  CREATED             STATUS                    PORTS                                                                         NAMES
f6b9398930b2        twitchax/nordvpn-proxy                           "/start.sh"              14 hours ago        Up 14 hours (unhealthy)   0.0.0.0:1080->1080/tcp                                                        nostalgic_galois
...

root@ubuntu:~# docker network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "d2e53fb8e317f7f723dd635f4a4661f86a056ba5d74b11cb5dd925a688aed1b3",
        "Created": "2020-11-10T00:47:59.415805106 03:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
........
            "d4931c221fbb05c8fb2d994f19200704052969c73127d7ea0e06ed997006e2b2": {
                "Name": "portainer",
                "EndpointID": "03805ede835cde43b52afcb83c45a4999dc1cdc526807736ebb23e6e8d1f217d",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            },
            "f6b9398930b2291939a5a4fa845a4f993ac1ce22bcb01374eac5e6147571b562": {
                "Name": "nostalgic_galois",
                "EndpointID": "3e79589714118ba1a687840e991161d6b549fcc2c72960f2e9a14175fc0966b6",
                "MacAddress": "02:42:ac:11:00:04",
                "IPv4Address": "172.17.0.4/16",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]

and this is from within container:

root@ubuntu:~# docker exec nostalgic_galois ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
3: nordlynx: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1420 qdisc fq_codel state UNKNOWN group default qlen 500
    link/none
    inet 10.5.0.2/16 scope global nordlynx
       valid_lft forever preferred_lft forever
232: eth0@if233: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:ac:11:00:04 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.17.0.4/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever

some logs from proxy:

2020-11-09 22:13:24,873 INFO  [rusty_socks] Listen IP:    172.17.0.4
2020-11-09 22:13:24,874 INFO  [rusty_socks] Endpoint IP:  10.5.0.2
2020-11-09 22:13:24,876 INFO  [rusty_socks] Port:         1080
2020-11-09 22:13:24,877 INFO  [rusty_socks] Buffer Size:  2048
2020-11-09 22:13:24,877 INFO  [rusty_socks] Read Timeout: 5000
2020-11-09 22:13:24,878 INFO  [rusty_socks] Accept CIDR:  0.0.0.0/0
2020-11-09 22:13:24,879 INFO  [rusty_socks] Listening on tcp://172.17.0.4:1080 ...
2020-11-09 22:14:23,817 INFO  [rusty_socks::connection] [1eRj] 172.17.0.1:52310 => 172.17.0.4:1080 => 10.5.0.2:49857 => x.x.x.x:80

Author
Account Strength
80%
Account Age
8 years
Verified Email
Yes
Verified Flair
No
Total Karma
99
Link Karma
61
Comment Karma
38
Profile updated: 2 days ago
Posts updated: 1 year ago
lustyffh

Subreddit

r/docker

Post Details

We try to extract some basic information from the post title. This is not always successful or accurate, please use your best judgement and compare these values to the post title and body for confirmation.
Posted
4 years ago
Reddit URL
View post on reddit.com
External URL
reddit.com/r/docker/comm...