UFW not working correctly?

January 7, 2023, 12:56

jannik44

I have a small bot problem with my Minecraft server: every hour bots try to join, so the server starts (it starts on player join). So I read into ufw to block the IP the requests come from, and they are still going through the firewall 🤔 why?

ampueromalo

What do the ufw logs look like? How does your server start from join attempts? What do your ufw rules look like?

ampueromalo

And the logs? You could match the timestamp of when the Minecraft logs show the join attempt against the ufw logs.

jannik44

btw I think it's important to say that the MC server runs inside of a Docker container

jannik44

and I checked with iptables

jannik44

and it looks like Docker is playing around with iptables

jannik44

there is a rule in iptables that allows traffic to port 25565

jannik44

and that rule is above the deny rule for that IP address

ampueromalo

Your server still forwards that request to the Docker interface

ampueromalo

It's not that the Docker interface is open to the internet

ampueromalo

Ufw should log that either in /var/log/ufw.log or /var/log/syslog

ampueromalo

And even in dmesg

ampueromalo

What you did looked fine, but it'd be better to see the ufw logs

jannik44

and my chat looks like that because someone is sending data to my server

jannik44

looks like "vmi1134589.contaboserver.net" is responsible for that

ampueromalo

Ah nice I use contabo too

ampueromalo

How does that bot work? How does it know someone tried to enter, to start up the server?

ampueromalo

And delete your svs hostname unless you don't care that people know your server's IP address

ampueromalo

Mm, that could explain it: iptables does not close the port but rather drops packets that come to a port with a rule. Maybe the small program detects that and starts the server.

ampueromalo

I tested it myself on my MC server: even if the ufw rule was not set, I could log in to my server

jannik44

Bind containers locally so they are not exposed outside your machine:
docker run -p 127.0.0.1:8080:8080 ...
wow, that could be the solution, I'll test tomorrow, that would be awesome if it works 👀

ampueromalo

I tested it, it works, but no one will be able to connect to your VPS

ampueromalo

only if connections come from localhost

ampueromalo

yup, just tested, that actually works.

ampueromalo

exactly, what I sent you last fixes the issue

ampueromalo

so that ufw works with Docker too

ampueromalo

I tested it on my VPS with Ubuntu 20

jannik44

looks like it will make everything only locally accessible

ampueromalo

That actually fixes the issue of having one deny rule for a Docker container that still allows traffic, for example for a specific IP address

jannik44

I mean, that could work in theory

ampueromalo

Yes that will work

ampueromalo

Or should work

ampueromalo

And don't forget to rebuild the Docker image