Univention Bugzilla – Bug 43418
univention firewall exceptions for PortsExclusive
Last modified: 2019-01-03 07:19:36 CET
An App with PortsExclusive = 143 maps the port 143 form the container to the host. Docker itself adds a iptables rule to allow connections from extern to host:143. but NOT from within the container. @container-> telnet host 143 does not work out of the box. One has to add a univention firewall exception for 143. Better the appcenter (a) automatically adds firewall exception for all PortsExclusive, or (b) we allow all ports from the docker net (iptables -A INPUT -i docker0 -p tcp -j ACCEPT in /etc/security/packetfilter.d/20_docker.sh) Workaround: Add firewall exceptions in App Center join script.
This issue has been filled against UCS 4.1. The maintenance with bug and security fixes for UCS 4.1 has ended on 5st of April 2018. Customers still on UCS 4.1 are encouraged to update to UCS 4.3. Please contact your partner or Univention for any questions. If this issue still occurs in newer UCS versions, please use "Clone this bug" or simply reopen the issue. In this case please provide detailed information on how this issue is affecting you.