View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0017380 | CentOS-8 | -OTHER | public | 2020-05-20 19:36 | 2020-05-20 19:36 |
| Reporter | MeatBunny | ||||
| Priority | normal | Severity | block | Reproducibility | always |
| Status | new | Resolution | open | ||
| Product Version | 8.1.1911 | ||||
| Target Version | Fixed in Version | ||||
| Summary | 0017380: podman with iptables-services will not properly expose ports or allow outbound traffic | ||||
| Description | First bug report, please let me know if I'm missing something. Podman when used in conjunction with iptables-services does not expose the ports that it should or allow outbound traffic. This bug is not present with the latest version of the software from the podman.io repositories. This may be related to https://github.com/containers/libpod/issues/4260, but in that case it has problems with firewalld instead of iptables-services | ||||
| Steps To Reproduce | systemctl stop firewalld systemctl disable firewalld systemctl mask firewalld dnf update -y dnf install -y @container-management @python36 vim jq podman-docker iptables-services systemctl enable iptables --now (iptables -L -v -n ; iptables -L -v -n -t nat) | tee -a /root/before podman run -itd --name fastapitest -p 80:80 tiangolo/uvicorn-gunicorn-fastapi # Another host curl -v http://yourip:80 podman exec -it fastapitest bash ping -c2 10.88.0.1 ping -c2 Your_LAN_Gateway ping -c2 8.8.8.8 ping -c2 google.com (iptables -L -v -n ; iptables -L -v -n -t nat) | tee -a /root/after diff /root/before /root/after | ||||
| Additional Information | Attached are putty logs of doing it with the stock podman from the repos and a second run using the latest podman from the upstream dnf repository. | ||||
| Tags | podman | ||||
