prevent Docker from exposing port on host

If i start a container using -p 80 for example, docker will assign a random outbound port.

Everytime Docker assign a port, it also add an iptable rule to open this port to the world, is it possible to prevent this behaviour ?

  • How to create docker image from jenkins running on docker
  • Mount a Host Directory as a Data Volume in docker?
  • Invalid value while trying to create a kubernetes pod with secret in it
  • How to remove all tags for a docker repository locally?
  • Docker and git deployment workflow confusion
  • Dockerfile: why doesn't the bash command work?
  • Note : I am using a nginx load balancer to get the content, I really don’t need to have my application associated with two different port.

  • Remove port binding from an existing docker container
  • How change time in docker container, if you need test cron tasks?
  • how to make fail2ban read json docker logs
  • OSX Docker/WordPress/MySQL — Connection Error: (1130) Host '' is not allowed to connect to this MariaDB server
  • Docker pull ubuntu no reply
  • Bluemix: service bound to container does not appear in VCAP_SERVICES
  • 2 Solutions collect form web for “prevent Docker from exposing port on host”

    You can specify both interface and port as follows:

    -p ip:hostPort:containerPort


    -p ip::containerPort

    Another solution is to run nginx inside container and to use conteiner linking without exposing other services whatsoever.

    The iptable feature is a startup parameter for the docker demon. Look for the docker demon conf file in your docker installation. Add –iptables=false and docker never touches your iptables.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.