By default, Docker manipulates iptables rules to provide network isolation: Chain FORWARD (policy DROP) target prot opt source destination DOCKER all — 0.0.0.0/0 0.0.0.0/0 […] Chain DOCKER (1 references) target prot opt source destination I don’t mind having my iptables rules for forwarding manipulated, but there is a caveat: when you expose a container (with … Continue reading Preventing Docker from manipulating iptables rules