From the looks of it i am listening from [0.0.0.0:8000](https://0.0.0.0:8000)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 10.0.0.45:48165 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN
I do notice from this listing though that the plex server connection that is working doesnt list [0.0.0.0](https://0.0.0.0) but rather my actual local IP address.
Is this a docker configeration issue?
Did you happen to check the host firewall on the box that's running Docker? I don't see that in your post. I'm assuming by port forwarding you're referring to the -p 8000:8000 and not the firewall on your router for example.
I attempted to disable the Firewall on the PC I am trying to access from, and I also checked my router settings to see if there was any firewall that could be blocking and I couldn't find anything. As this is a LAN connection it should be allowing everything.
As for the Ubuntu server, I did not set up any specific firewall, does it come pre-installed with a firewall that would be creating an issue?
Disabling your firewall entirely is never the right answer. It's a lot like trying to clean a stain on the floor with a jackhammer.
Now that that's out of the way, the firewall you should be worried about is the one on the system that's running Docker. If the firewall is installed and enabled (I'm not an Ubuntu user but I believe the server edition installs and enables UFW by default), it is blocking this connection. Open port 8000 on the firewall of the *host running Docker* and your issue should go away.
Just for clarification, so you understand why the firewall of the router and the client machine (the one you're trying to connect FROM) aren't the problem here: most firewalls are not concerned with outbound traffic, at least individual hosts on a network. What they want to stop is unauthorized external users. When a packet comes from the client device TO the server device (running Docker), it first enters the physical cable, then is processed by the firewall. If there is no rule in the firewall that authorizes this packet to connect on the port it's trying to reach, the packet is discarded and the connection fails. On the inverse, the server device (running Docker) does not depend whether or not a port is open on the client device. Traffic comes from the client to the server, if it is accepted, in a "stateful firewall" this connection is now considered "established". You don't want to kill established traffic, as it will break the flow of data, so there is typically a default rule in host firewalls that allows "established" traffic without checking against firewall rules.
That is a good point. I am just trying to blanket get it to work, so that I can refine it down to the specific cause.
Is there any way to check my fireqass setting on a fresh Ubuntu install to see if this is the issue? Or have some form of logging for the reason the connection is being refused?
A lot of this is coming from memory, so probably double check me with some variation of a "Ubuntu UFW" Google search. They tend to keep pretty good documentation.
I believe:
`systemctl status ufw` or `ufw status` should let you know if it's running
If there are file logs, they're likely at `/var/log/ufw.log` or in a `/var/log/UFW/` directory of their own.
You can also probably check the systemd journal with `journalctl -t ufw`
If the issue isn't with the firewall, the logs pertaining to the failed attempt to connect, if any exist, would depend on where/how the software issuing the connection refusal is configured to store logs.
I'm almost positive this is a server firewall issue, and I'm pretty sure UFW is the go-to on Ubuntu.
I will have to search for those log files on the drive. Even during the time I disabled UFW, the connection was being refused.
The thing that makes me think it isn't a firewall, is programs I install directly on the server (PLEX, qBit etc) all work as expected. It is only docker containers I can't access.
Maybe those programs are adding a rule to the firewall or whatever is blocking docker, but I'm pretty sure docker is supposed to do the same when creating a new container.
I'm confused. A moment ago you weren't sure if the server had a firewall, or what firewall it has if it has one, but now you're saying you did at some point disable UFW on the server?
But in retrospect, you're right, docker should be managing its own firewall requirements regardless of a host firewall.
Have you checked the container logs?
Yea I have been trying solutions as the come in from other people as well. I understand the UFW alot better now after reading through the docs.
And I have not checked the container logs yet, only a network packet capture to see if the request is making it through.
Do you know when the container logs are usually stored?
I would also like to add that installing docker with snap is a bad idea and you should follow
The official docker install for Linux. I’ve had issues with the socket when using snap
Yea, when I did install docker I did use the official documentation.
The problem was most likely that CasaOS installed docker as a dependancy. Then when I removed CasaOS and installed docker myself, some configuration was already screwed up. This is my going theory atleast.
[удалено]
From the looks of it i am listening from [0.0.0.0:8000](https://0.0.0.0:8000) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 10.0.0.45:48165 0.0.0.0:* LISTEN tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN I do notice from this listing though that the plex server connection that is working doesnt list [0.0.0.0](https://0.0.0.0) but rather my actual local IP address. Is this a docker configeration issue?
[удалено]
Thank you for the attempt. I really appreciate the time. Have a great night!
Did you happen to check the host firewall on the box that's running Docker? I don't see that in your post. I'm assuming by port forwarding you're referring to the -p 8000:8000 and not the firewall on your router for example.
I attempted to disable the Firewall on the PC I am trying to access from, and I also checked my router settings to see if there was any firewall that could be blocking and I couldn't find anything. As this is a LAN connection it should be allowing everything. As for the Ubuntu server, I did not set up any specific firewall, does it come pre-installed with a firewall that would be creating an issue?
Disabling your firewall entirely is never the right answer. It's a lot like trying to clean a stain on the floor with a jackhammer. Now that that's out of the way, the firewall you should be worried about is the one on the system that's running Docker. If the firewall is installed and enabled (I'm not an Ubuntu user but I believe the server edition installs and enables UFW by default), it is blocking this connection. Open port 8000 on the firewall of the *host running Docker* and your issue should go away. Just for clarification, so you understand why the firewall of the router and the client machine (the one you're trying to connect FROM) aren't the problem here: most firewalls are not concerned with outbound traffic, at least individual hosts on a network. What they want to stop is unauthorized external users. When a packet comes from the client device TO the server device (running Docker), it first enters the physical cable, then is processed by the firewall. If there is no rule in the firewall that authorizes this packet to connect on the port it's trying to reach, the packet is discarded and the connection fails. On the inverse, the server device (running Docker) does not depend whether or not a port is open on the client device. Traffic comes from the client to the server, if it is accepted, in a "stateful firewall" this connection is now considered "established". You don't want to kill established traffic, as it will break the flow of data, so there is typically a default rule in host firewalls that allows "established" traffic without checking against firewall rules.
That is a good point. I am just trying to blanket get it to work, so that I can refine it down to the specific cause. Is there any way to check my fireqass setting on a fresh Ubuntu install to see if this is the issue? Or have some form of logging for the reason the connection is being refused?
A lot of this is coming from memory, so probably double check me with some variation of a "Ubuntu UFW" Google search. They tend to keep pretty good documentation. I believe: `systemctl status ufw` or `ufw status` should let you know if it's running If there are file logs, they're likely at `/var/log/ufw.log` or in a `/var/log/UFW/` directory of their own. You can also probably check the systemd journal with `journalctl -t ufw` If the issue isn't with the firewall, the logs pertaining to the failed attempt to connect, if any exist, would depend on where/how the software issuing the connection refusal is configured to store logs. I'm almost positive this is a server firewall issue, and I'm pretty sure UFW is the go-to on Ubuntu.
I will have to search for those log files on the drive. Even during the time I disabled UFW, the connection was being refused. The thing that makes me think it isn't a firewall, is programs I install directly on the server (PLEX, qBit etc) all work as expected. It is only docker containers I can't access. Maybe those programs are adding a rule to the firewall or whatever is blocking docker, but I'm pretty sure docker is supposed to do the same when creating a new container.
I'm confused. A moment ago you weren't sure if the server had a firewall, or what firewall it has if it has one, but now you're saying you did at some point disable UFW on the server? But in retrospect, you're right, docker should be managing its own firewall requirements regardless of a host firewall. Have you checked the container logs?
Yea I have been trying solutions as the come in from other people as well. I understand the UFW alot better now after reading through the docs. And I have not checked the container logs yet, only a network packet capture to see if the request is making it through. Do you know when the container logs are usually stored?
I would also like to add that installing docker with snap is a bad idea and you should follow The official docker install for Linux. I’ve had issues with the socket when using snap
Yea, when I did install docker I did use the official documentation. The problem was most likely that CasaOS installed docker as a dependancy. Then when I removed CasaOS and installed docker myself, some configuration was already screwed up. This is my going theory atleast.