Add host firewall rules:
ufw allow from (SINGLE IP) to any ufw allow from (OFFICE SUBNET)/24 to any ufw default deny incoming ufw default allow outgoing ufw enable
Add Docker firewall rules:
iptables -A DOCKER-USER -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A DOCKER-USER -s (SINGLE IP) -j ACCEPT iptables -A DOCKER-USER -s (OFFICE SUBNET)/24 -j ACCEPT iptables -A DOCKER-USER -p tcp --dport 25 -j ACCEPT iptables -A DOCKER-USER -p tcp --dport 80 -j ACCEPT iptables -A DOCKER-USER -p tcp --dport 443 -j ACCEPT iptables -A DOCKER-USER -p tcp --dport 143 -j ACCEPT iptables -A DOCKER-USER -p tcp --dport 993 -j ACCEPT iptables -A DOCKER-USER -p tcp -m multiport --dports 80,443,110,995 -j DROP iptables-save | sudo tee /etc/iptables/rules.v4
See Docker firewall rules:
ufw status
See Docker firewall rules:
iptables -L DOCKER-USER -n -v --line-numbers
Delete Docker firewall rules (don't forget to save changes)
iptables -D DOCKER-USER (line number)
Show list of successfully connected IPs:
docker compose -f /opt/mailcow-dockerized/docker-compose.yml logs dovecot-mailcow | \ grep -E "Login: user=" | \ grep -oE "rip=[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | \ cut -d'=' -f2 | sort -u
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article