DocFraggle
Here’re the results :
`
root@mail:~# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
MAILCOW 0 – 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target prot opt source destination
MAILCOW 0 – 0.0.0.0/0 0.0.0.0/0
DOCKER-USER 0 – 0.0.0.0/0 0.0.0.0/0
DOCKER-ISOLATION-STAGE-1 0 – 0.0.0.0/0 0.0.0.0/0
ACCEPT 0 – 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
DOCKER 0 – 0.0.0.0/0 0.0.0.0/0
ACCEPT 0 – 0.0.0.0/0 0.0.0.0/0
ACCEPT 0 – 0.0.0.0/0 0.0.0.0/0
ACCEPT 0 – 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
DOCKER 0 – 0.0.0.0/0 0.0.0.0/0
ACCEPT 0 – 0.0.0.0/0 0.0.0.0/0
ACCEPT 0 – 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER (2 references)
target prot opt source destination
ACCEPT 6 – 0.0.0.0/0 172.22.1.3 tcp dpt:3306
ACCEPT 6 – 0.0.0.0/0 172.22.1.5 tcp dpt:8983
ACCEPT 6 – 0.0.0.0/0 172.22.1.249 tcp dpt:6379
ACCEPT 6 – 0.0.0.0/0 172.22.1.250 tcp dpt:110
ACCEPT 6 – 0.0.0.0/0 172.22.1.250 tcp dpt:143
ACCEPT 6 – 0.0.0.0/0 172.22.1.250 tcp dpt:993
ACCEPT 6 – 0.0.0.0/0 172.22.1.250 tcp dpt:995
ACCEPT 6 – 0.0.0.0/0 172.22.1.250 tcp dpt:4190
ACCEPT 6 – 0.0.0.0/0 172.22.1.250 tcp dpt:12345
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target prot opt source destination
DOCKER-ISOLATION-STAGE-2 0 – 0.0.0.0/0 0.0.0.0/0
DOCKER-ISOLATION-STAGE-2 0 – 0.0.0.0/0 0.0.0.0/0
RETURN 0 – 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-ISOLATION-STAGE-2 (2 references)
target prot opt source destination
DROP 0 – 0.0.0.0/0 0.0.0.0/0
DROP 0 – 0.0.0.0/0 0.0.0.0/0
RETURN 0 – 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN 0 – 0.0.0.0/0 0.0.0.0/0
Chain MAILCOW (2 references)
target prot opt source destination
DROP 6 – 0.0.0.0/0 0.0.0.0/0 multiport dports 3306,6379,8983,12345
`
the other one :
`
root@mail:~# iptables -t nat -nL
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER 0 – 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER 0 – 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE 0 – 172.17.0.0/16 0.0.0.0/0
MASQUERADE 0 – 172.22.1.0/24 0.0.0.0/0
MASQUERADE 6 – 172.22.1.3 172.22.1.3 tcp dpt:3306
MASQUERADE 6 – 172.22.1.5 172.22.1.5 tcp dpt:8983
MASQUERADE 6 – 172.22.1.249 172.22.1.249 tcp dpt:6379
MASQUERADE 6 – 172.22.1.250 172.22.1.250 tcp dpt:110
MASQUERADE 6 – 172.22.1.250 172.22.1.250 tcp dpt:143
MASQUERADE 6 – 172.22.1.250 172.22.1.250 tcp dpt:993
MASQUERADE 6 – 172.22.1.250 172.22.1.250 tcp dpt:995
MASQUERADE 6 – 172.22.1.250 172.22.1.250 tcp dpt:4190
MASQUERADE 6 – 172.22.1.250 172.22.1.250 tcp dpt:12345
Chain DOCKER (2 references)
target prot opt source destination
RETURN 0 – 0.0.0.0/0 0.0.0.0/0
RETURN 0 – 0.0.0.0/0 0.0.0.0/0
DNAT 6 – 0.0.0.0/0 127.0.0.1 tcp dpt:13306 to:172.22.1.3:3306
Warning: Extension DNAT is not supported, missing kernel module?
DNAT 6 – 0.0.0.0/0 127.0.0.1 tcp dpt:18983 to:172.22.1.5:8983
Warning: Extension DNAT is not supported, missing kernel module?
DNAT 6 – 0.0.0.0/0 127.0.0.1 tcp dpt:7654 to:172.22.1.249:6379
Warning: Extension DNAT is not supported, missing kernel module?
DNAT 6 – 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 to:172.22.1.250:110
Warning: Extension DNAT is not supported, missing kernel module?
DNAT 6 – 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 to:172.22.1.250:143
Warning: Extension DNAT is not supported, missing kernel module?
DNAT 6 – 0.0.0.0/0 0.0.0.0/0 tcp dpt:993 to:172.22.1.250:993
Warning: Extension DNAT is not supported, missing kernel module?
DNAT 6 – 0.0.0.0/0 0.0.0.0/0 tcp dpt:995 to:172.22.1.250:995
Warning: Extension DNAT is not supported, missing kernel module?
DNAT 6 – 0.0.0.0/0 0.0.0.0/0 tcp dpt:4190 to:172.22.1.250:4190
Warning: Extension DNAT is not supported, missing kernel module?
DNAT 6 – 0.0.0.0/0 127.0.0.1 tcp dpt:19991 to:172.22.1.250:12345
`
I launched mailcow via docker-compose up -d