View Issue Details

IDProjectCategoryView StatusLast Update
0017380CentOS-8-OTHERpublic2020-05-20 19:36
ReporterMeatBunny 
PrioritynormalSeverityblockReproducibilityalways
Status newResolutionopen 
Product Version8.1.1911 
Target VersionFixed in Version 
Summary0017380: podman with iptables-services will not properly expose ports or allow outbound traffic
DescriptionFirst bug report, please let me know if I'm missing something.

Podman when used in conjunction with iptables-services does not expose the ports that it should or allow outbound traffic. This bug is not present with the latest version of the software from the podman.io repositories.

This may be related to https://github.com/containers/libpod/issues/4260, but in that case it has problems with firewalld instead of iptables-services
Steps To Reproducesystemctl stop firewalld
systemctl disable firewalld
systemctl mask firewalld
dnf update -y
dnf install -y @container-management @python36 vim jq podman-docker iptables-services
systemctl enable iptables --now
(iptables -L -v -n ; iptables -L -v -n -t nat) | tee -a /root/before
podman run -itd --name fastapitest -p 80:80 tiangolo/uvicorn-gunicorn-fastapi
# Another host
curl -v http://yourip:80
podman exec -it fastapitest bash
ping -c2 10.88.0.1
ping -c2 Your_LAN_Gateway
ping -c2 8.8.8.8
ping -c2 google.com
(iptables -L -v -n ; iptables -L -v -n -t nat) | tee -a /root/after
diff /root/before /root/after
Additional InformationAttached are putty logs of doing it with the stock podman from the repos and a second run using the latest podman from the upstream dnf repository.
Tagspodman

Activities

MeatBunny

MeatBunny

2020-05-20 19:36

reporter  

latest-podman.log (453,845 bytes)
centos8-podman.log (1,087,231 bytes)

Issue History

Date Modified Username Field Change
2020-05-20 19:36 MeatBunny New Issue
2020-05-20 19:36 MeatBunny File Added: latest-podman.log
2020-05-20 19:36 MeatBunny File Added: centos8-podman.log
2020-05-20 19:36 MeatBunny Tag Attached: podman