prevent Docker from exposing port on host

If i start a container using -p 80 for example, docker will assign a random outbound port.

Everytime Docker assign a port, it also add an iptable rule to open this port to the world, is it possible to prevent this behaviour ?

  • Permission denied for protoc on maven build in Teamcity
  • ECONNREFUSED to mysql container inside jenkins
  • Contents in the container's bind-mounted dir keep unchanged after mounting/umounting removable drive from the host
  • Docker windows loading kernel modules
  • Reading in environment variables from an environment file
  • running docker from gradle: cannot pull image
  • Note : I am using a nginx load balancer to get the content, I really don’t need to have my application associated with two different port.

  • OpenShift V3 vs. OpenShift V2 [closed]
  • PostgreSQL on AWS ECS: psycopg2.OperationalError invalid port number 5432
  • Running nuxt js application in Docker
  • Docker ERROR: for app Container command 'docker-php-entrypoint' not found or does not exist
  • How to get the mapped port on host from a docker container?
  • $(pwd) - one level up
  • 2 Solutions collect form web for “prevent Docker from exposing port on host”

    You can specify both interface and port as follows:

    -p ip:hostPort:containerPort


    -p ip::containerPort

    Another solution is to run nginx inside container and to use conteiner linking without exposing other services whatsoever.

    The iptable feature is a startup parameter for the docker demon. Look for the docker demon conf file in your docker installation. Add –iptables=false and docker never touches your iptables.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.