Pi-hole on VPS running in a docker container with UFW

Expected Behaviour:

I am running Pi-hole in a Docker container on a Debian 11 VPS system. This VPS is wide open to the internet, so my Pi-hole is an open DNS resolver. Now I am trying to block all access to the VPS with UFW, and only allow my home IP access. In a normal (non-Docker) install it always worked, but for some reason the Docker install is still accessible, as for instance SSH on 2929 is blocked.
Does Docker overrule UFW or something like that?

Actual Behaviour:

Pi-hole still accessible from other IPs, UFW not blocking.
Also Portainer is still accessible from other IPs:

Anywhere ALLOW 45.x.x.x (my ip)
80/tcp DENY Anywhere
DNS DENY Anywhere
9000 DENY Anywhere
80/tcp (v6) DENY Anywhere (v6)
DNS (v6) DENY Anywhere (v6)
9000 (v6) DENY Anywhere (v6)

Debug Token:

Best to take Pi-hole offline while you work it out to prevent possible abuse.

Yes, it's offline


Yes, Docker has its own iptables chains. Docker and UFW are kind of notorious for being a difficult configuration. There are a number of guides out there; what works for you may not work for others and what works for others may not work for you.

OK, clear.
What else can I use then as a firewall?
Or does Docker affect all firewalls like UFW?

Good questions, I don't have any answer for them.
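The reply above notes that Docker has its own iptables chains. As an added example (not part of the thread, and not Pi-hole's or Docker's own tooling), this script prints rules for Docker's `DOCKER-USER` chain that admit only one source address to published container ports. The interface name `eth0` and the address `203.0.113.10` are assumptions standing in for the VPS's public interface and the home IP.

```shell
#!/bin/sh
# Added example, not from the thread. Assumptions: eth0 is the VPS's public
# interface; 203.0.113.10 is a constructed stand-in for the home address.

# Succeeds only for four dot-separated decimal octets in the range 0..255.
valid_ipv4() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Print the commands that limit published container ports to one source.
# Published ports are DNATed and then forwarded, so they pass through
# FORWARD -> DOCKER-USER rather than the INPUT chain where `ufw deny`
# rules are evaluated.
docker_user_rules() {
    home_ip=$1 ext_if=$2
    valid_ipv4 "$home_ip" || return 2
    case $ext_if in ''|*[!A-Za-z0-9_.-]*) return 2 ;; esac
    # 1: replies to connections the containers opened (Pi-hole's upstream DNS)
    echo "iptables -I DOCKER-USER 1 -i $ext_if -m conntrack --ctstate RELATED,ESTABLISHED -j RETURN"
    # 2: new connections from the home address go on to Docker's own rules
    echo "iptables -I DOCKER-USER 2 -i $ext_if -s $home_ip -j RETURN"
    # 3: anything else arriving on the public interface is dropped
    echo "iptables -I DOCKER-USER 3 -i $ext_if -j DROP"
}

# Dry run by default; APPLY=1 (as root) feeds the commands to a shell.
main() {
    rules=$(docker_user_rules "${1:-203.0.113.10}" "${2:-eth0}") || {
        echo "invalid address or interface name" >&2
        return 2
    }
    if [ "${APPLY:-0}" = 1 ]; then
        printf '%s\n' "$rules" | sh -e
    else
        printf '%s\n' "$rules"
    fi
}

main "$@"
```

Rules inserted this way do not persist across a reboot, and they cover IPv4 only.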
