share
Unix & LinuxCan iptables REDIRECT back into a docker container
[0] [1] Mark
[2020-10-05 10:56:22]
[ networking iptables docker container ]
[ https://unix.stackexchange.com/questions/612961/can-iptables-redirect-back-into-a-docker-container ]

Let's say I have a docker container on a docker network with ip 172.20.0.2.

Inside that docker container there are two processes running.

  1. An http server listening on port 8000 that always replies 'hello'
  2. A http client that constantly tries to connect to http://example.com

Is it possible, using ip tables on the host machine, to forward all outbound traffic in that container back into the same container.

So in the scenario above, the http request to example.com, would actually goto the 8000 port inside that same container, returning 'hello'.

I feel like the following would work if this wasn't in docker. Am I close?

iptables -t nat -A OUTPUT -s 172.20.0.0/16 -j REDIRECT --to-ports 8000

But I think this is just forwarding to 8000 on the host machine :(

[0] [2020-10-10 15:20:12] Bruce Malaudzi

I would suggest editing the /etc/hosts file on the docker container:

172.20.0.2  example.com

This means that everytime the client attempts to connect to http://example.com:8000 via HTTP, traffic will be pointed to docker container at 172.20.0.2:8000, and receive a "hello" reply as expected.


1