Docker 被 UFW 阻止

Docker 被 UFW 阻止

我在 ubuntu 14.04 中遇到了 Docker 网络问题。我已经从官方仓库安装了 Docker.io,并且添加了

DEFAULT_FORWARD_POLICY="ACCEPT"

/etc/default/ufw我的 Docker 容器仍然无法获取页面(ping 似乎有效)。

日志来自/var/log/docker.log

May  3 08:42:21 niuniobook kernel: [ 1106.338264] [UFW BLOCK] IN=docker0 OUT= PHYSIN=veth5bdb MAC=ba:18:3c:93:f9:68:fa:4b:d0:45:db:ae:08:00 SRC=172.17.0.2 DST=172.17.42.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=43837 DF PROTO=TCP SPT=55336 DPT=20559 WINDOW=29200 RES=0x00 SYN URGP=0 
May  3 08:42:36 niuniobook kernel: [ 1121.447687] [UFW BLOCK] IN=docker0 OUT= PHYSIN=veth5bdb MAC=ba:18:3c:93:f9:68:fa:4b:d0:45:db:ae:08:00 SRC=172.17.0.2 DST=172.17.42.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=7222 DF PROTO=TCP SPT=38480 DPT=20559 WINDOW=29200 RES=0x00 SYN URGP=0 
May  3 08:42:56 niuniobook kernel: [ 1141.037623] [UFW BLOCK] IN=docker0 OUT= PHYSIN=veth5bdb MAC=ba:18:3c:93:f9:68:fa:4b:d0:45:db:ae:08:00 SRC=172.17.0.2 DST=172.17.42.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=38012 DF PROTO=TCP SPT=37959 DPT=20559 WINDOW=29200 RES=0x00 SYN URGP=0 
May  3 08:43:15 niuniobook kernel: [ 1160.956373] [UFW BLOCK] IN=docker0 OUT= PHYSIN=veth5bdb MAC=ba:18:3c:93:f9:68:fa:4b:d0:45:db:ae:08:00 SRC=172.17.0.2 DST=172.17.42.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=24121 DF PROTO=TCP SPT=51148 DPT=20559 WINDOW=29200 RES=0x00 SYN URGP=0 
May  3 08:44:08 niuniobook kernel: [ 1213.709898] [UFW BLOCK] IN=wlan0 OUT= MAC=01:00:5e:00:00:01:00:14:bf:6e:75:44:08:00 SRC=192.168.1.1 DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2 
May  3 08:44:16 niuniobook kernel: [ 1221.902392] [UFW BLOCK] IN=wlan0 OUT= MAC=01:00:5e:00:00:fb:68:17:29:27:ac:86:08:00 SRC=192.168.1.78 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=21208 PROTO=2 
May  3 08:45:11 niuniobook kernel: [ 1276.281997] [UFW BLOCK] IN=wlan0 OUT= MAC=01:00:5e:00:00:01:74:ea:3a:f4:8f:06:08:00 SRC=192.168.1.254 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 
May  3 08:45:11 niuniobook kernel: [ 1276.898590] [UFW BLOCK] IN=wlan0 OUT= MAC=01:00:5e:00:00:fb:68:17:29:27:ac:86:08:00 SRC=192.168.1.78 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=21209 PROTO=2 
May  3 08:46:14 niuniobook kernel: [ 1339.675787] [UFW BLOCK] IN=wlan0 OUT= MAC=01:00:5e:00:00:01:00:14:bf:6e:75:44:08:00 SRC=192.168.1.1 DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2 
May  3 08:46:21 niuniobook kernel: [ 1346.432807] [UFW BLOCK] IN=wlan0 OUT= MAC=01:00:5e:00:00:fb:68:17:29:27:ac:86:08:00 SRC=192.168.1.78 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=21214 PROTO=2 

禁用 UFW 后,Docker 甚至无法连接到任何端口(ping 仍然有效)。

答案1

我发现 Prax(Linux 的 Pow 等效程序)导致了错误。扔掉它后它又恢复了。

相关内容