Iptables docker chain block

felixwong · April 8, 2025, 9:17am

After installing Elasticsearch (port 8174) in Docker, I am experiencing packet drops in the Docker-related iptables chains, specifically:

The DOCKER chain is dropping all traffic between non-bridge interfaces and Docker bridges (br-6c66a4eeb7d0 and docker0)
This is preventing Kibana (port 5601) and Elasticsearch (port 9200) from communicating properly
Removing all iptables rules temporarily fixes the issue

Can anyone suggest how to get around the iptables chain ? Thanks

Example :
Chain DOCKER (0 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- !br-6c66a4eeb7d0 br-6c66a4eeb7d0 0.0.0.0/0 172.18.0.6 tcp dpt:5601
0 0 ACCEPT tcp -- !br-6c66a4eeb7d0 br-6c66a4eeb7d0 0.0.0.0/0 172.18.0.3 tcp dpt:9200
0 0 DROP all -- !docker0 docker0 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- !br-6c66a4eeb7d0 br-6c66a4eeb7d0 0.0.0.0/0 0.0.0.0/0

Topic		Replies	Views
Can't access Kibana in Docker of Window Server 2022 Elasticsearch docker	1	165	November 24, 2023
Kibana container can ping but won't connect to ES container? Elasticsearch	3	837	July 29, 2018
Elasticsearch, docker and iptables Elasticsearch	2	2892	July 5, 2017
On Docker containers. Kibana connect to cloud instead the Elasticsearch container Kibana docker	8	523	January 2, 2024
Another Kibana instance appears to be migrating the index - Docker environment Kibana docker	2	1479	October 12, 2020

Iptables docker chain block

Related topics