- Disable Docker's iptables management
$ sudo vim /etc/docker/daemon.json
{
"iptables": false
}
- You have to set Docker's bridge postrouting in ufw:
$ ifconfig docker0
It should return something like this:
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
So docker0's network is 172.17.0.1/16
$ sudo vim /etc/ufw/after.rules
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 172.17.0.1/16 -o eth0 -j MASQUERADE
COMMIT
- Finally, you have to restart UFW and Docker:
$ sudo ufw disable
$ sudo ufw enable
$ sudo systemctl restart docker
- Also, ufw will keep blocking unless you allow forwarding:
$ sudo sed -i -e 's/DEFAULT_FORWARD_POLICY="DROP"/DEFAULT_FORWARD_POLICY="ACCEPT"/g' /etc/default/ufw
$ sudo ufw reload
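
A check for the steps above, added here as an example and not part of the original instructions: it reads the three edited files and reports which of the settings is missing. The function name audit_docker_ufw and its argument order are made up for this example.

```shell
#!/bin/sh
# Added example: audit the three files edited in the steps above.
# usage: audit_docker_ufw DAEMON_JSON AFTER_RULES UFW_DEFAULTS SUBNET
# Prints one line per check and returns the number of failed checks.
audit_docker_ufw() {
    daemon_json=$1; after_rules=$2; ufw_defaults=$3; subnet=$4
    fails=0

    # 1. Docker must be told not to manage iptables itself.
    if grep -Eq '"iptables"[[:space:]]*:[[:space:]]*false' "$daemon_json" 2>/dev/null; then
        echo "OK   $daemon_json sets \"iptables\": false"
    else
        echo "FAIL $daemon_json does not set \"iptables\": false"
        fails=$((fails + 1))
    fi

    # 2. The MASQUERADE rule for the bridge subnet must sit between "*nat"
    #    and its COMMIT; a line outside that block is not loaded into nat.
    if awk -v want="-s $subnet " '
            $1 == "*nat"   { in_nat = 1; next }
            $1 == "COMMIT" { in_nat = 0; next }
            /^[[:space:]]*#/ { next }
            in_nat && /-A POSTROUTING/ && /-j MASQUERADE/ && index($0, want) { found = 1 }
            END { exit !found }' "$after_rules" 2>/dev/null; then
        echo "OK   $after_rules masquerades $subnet in *nat"
    else
        echo "FAIL $after_rules has no *nat POSTROUTING MASQUERADE rule for $subnet"
        fails=$((fails + 1))
    fi

    # 3. ufw must forward routed packets, otherwise container traffic is dropped.
    if grep -Eq '^DEFAULT_FORWARD_POLICY="ACCEPT"' "$ufw_defaults" 2>/dev/null; then
        echo "OK   $ufw_defaults has DEFAULT_FORWARD_POLICY=\"ACCEPT\""
    else
        echo "FAIL $ufw_defaults does not set DEFAULT_FORWARD_POLICY=\"ACCEPT\""
        fails=$((fails + 1))
    fi

    return "$fails"
}

# Check the live files when the bridge subnet is given as the first argument,
# e.g. sh audit.sh 172.17.0.1/16
if [ "$#" -ge 1 ]; then
    audit_docker_ufw /etc/docker/daemon.json /etc/ufw/after.rules /etc/default/ufw "$1"
fi
```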