Re: PostgreSQL port accessible even though it should be blocked by firewall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On 2018-10-29, Frank Thommen <list.centos@xxxxxxxxxx> wrote:
>
> PostgreSQL is running in a docker container:
>
> $ docker ps
> CONTAINER ID        IMAGE                         COMMAND 
>    CREATED             STATUS              PORTS                    NAMES
> 6f11fc41d2f0        postgres                  "docker-entrypoint..."   4 
> days ago          Up 4 days           0.0.0.0:5432->5432/tcp   postgres
> $
>
> The various docker interfaces and virtual bridges are not assigned to 
> any specific zone.
>
> Why is port 5432/tcp open?

It may be Docker manipulating the iptables rules.  If you don't want it
open at all, remove the port argument from the docker run command line
(or moral equivalent) and recreate the container (make sure you have
saved your data first, either with a volume mount or by dumping first).

If you need something more complex, here's some docs on how Docker
interacts with iptables, and how you can insert rules into its chains:

https://docs.docker.com/network/iptables/

--keith


-- 
kkeller@xxxxxxxxxxxxxxxxxxxxxxxxxx


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]

  Powered by Linux