1

I have a host with csf firewall allowing some external ports like ssh, http, https.

I have now installed docker and mariadb through docker. I use docker run command with -p 6000:3306, so that means that docker exposes mariadb port in 6000.

I try mysql -h 127.0.0.1 --port 6000 -u root -ppass but seems it cannot connect. If I stop csf it connects.

So how can I unblock all local connections from csf to docker containers?

Andrew Schulman
  • 8,561
  • 21
  • 31
  • 47
Harris
  • 123
  • 4

1 Answers1

0

Running docker behind a firewall isn't that obvious. Docker tries to change the iptables rules. To allow this edit your /etc/csf/csf.conf and change the DOCKER option to 1 or use the UI: enter image description here

Be careful because -p 6000:3306 will expose the ports for the whole world. If you want to expose it for only local usage, try -p 127.0.0.1:600:3306.

mhellmeier
  • 151
  • 4