mailcowdockerized-unbound-mailcow-1 is unhealthyย #6679
Description
Contribution guidelines
- I've read the contribution guidelines and wholeheartedly agree
I've found a bug and checked that ...
- ... I understand that not following the below instructions will result in immediate closure and/or deletion of my issue.
- ... I have understood that this bug report is dedicated for bugs, and not for support-related inquiries.
- ... I have understood that answers are voluntary and community-driven, and not commercial support.
- ... I have verified that my issue has not been already answered in the past. I also checked previous issues.
Description
I have recently set up Mailcow on my server using Docker. All containers appear to be running, but I am experiencing issues with service access. Below is the output of docker ps -a for reference:
Logs:
root@mail:/opt/mailcow-dockerized# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3c0fd26892ea ghcr.io/mailcow/watchdog:2.08 "/watchdog.sh" 5 minutes ago Created mailcowdockerized-watchdog-mailcow-1
9763c5d83209 ghcr.io/mailcow/acme:1.93 "/sbin/tini -g -- /sโฆ" 5 minutes ago Created mailcowdockerized-acme-mailcow-1
64d267e58c86 ghcr.io/mailcow/nginx:1.03 "/docker-entrypoint.โฆ" 5 minutes ago Created mailcowdockerized-nginx-mailcow-1
aea80119ae4c ghcr.io/mailcow/rspamd:2.2 "/docker-entrypoint.โฆ" 5 minutes ago Created mailcowdockerized-rspamd-mailcow-1
7aa6b31c5cdc mcuadros/ofelia:latest "/usr/bin/ofelia daeโฆ" 5 minutes ago Up 5 minutes mailcowdockerized-ofelia-mailcow-1
07ae4be09644 ghcr.io/mailcow/phpfpm:1.93 "/docker-entrypoint.โฆ" 5 minutes ago Up 5 minutes 9000/tcp mailcowdockerized-php-fpm-mailcow-1
ade773fca46c ghcr.io/mailcow/dovecot:2.34 "/docker-entrypoint.โฆ" 5 minutes ago Up 5 minutes 0.0.0.0:110->110/tcp, [::]:110->110/tcp, 0.0.0.0:143->143/tcp, [::]:143->143/tcp, 0.0.0.0:993->993/tcp, [::]:993->993/tcp, 0.0.0.0:995->995/tcp, [::]:995->995/tcp, 0.0.0.0:4190->4190/tcp, [::]:4190->4190/tcp, 127.0.0.1:19991->12345/tcp mailcowdockerized-dovecot-mailcow-1
2cf5d1a8a2fe ghcr.io/mailcow/postfix:1.80 "/docker-entrypoint.โฆ" 5 minutes ago Created mailcowdockerized-postfix-mailcow-1
6eb0dff1c803 mariadb:10.11 "docker-entrypoint.sโฆ" 5 minutes ago Up 5 minutes 127.0.0.1:13306->3306/tcp mailcowdockerized-mysql-mailcow-1
ff5b74542696 redis:7.4.2-alpine "/bin/sh /redis-confโฆ" 5 minutes ago Up 5 minutes 127.0.0.1:7654->6379/tcp mailcowdockerized-redis-mailcow-1
5799ee4d03c6 ghcr.io/mailcow/clamd:1.70 "/sbin/tini -g -- /cโฆ" 5 minutes ago Created mailcowdockerized-clamd-mailcow-1
3569b20a2311 ghcr.io/mailcow/dockerapi:2.11 "/bin/sh /app/dockerโฆ" 5 minutes ago Up 5 minutes mailcowdockerized-dockerapi-mailcow-1
f96b25b1412d ghcr.io/mailcow/sogo:1.133 "/docker-entrypoint.โฆ" 5 minutes ago Up 5 minutes mailcowdockerized-sogo-mailcow-1
180f184990d5 ghcr.io/mailcow/unbound:1.24 "/docker-entrypoint.โฆ" 5 minutes ago Up 5 minutes (unhealthy) 53/tcp, 53/udp mailcowdockerized-unbound-mailcow-1
ef6f16a5a064 memcached:alpine "docker-entrypoint.sโฆ" 5 minutes ago Up 5 minutes 11211/tcp mailcowdockerized-memcached-mailcow-1
4c10b657dc6b ghcr.io/mailcow/olefy:1.15 "python3 -u /app/oleโฆ" 5 minutes ago Up 5 minutes mailcowdockerized-olefy-mailcow-1
60f29ca16d76 ghcr.io/mailcow/netfilter:1.61 "/bin/sh -c /app/docโฆ" 5 minutes ago Up 5 minutes mailcowdockerized-netfilter-mailcow-1
root@mail:/opt/mailcow-dockerized#
and this part of update
docker.io/mcuadros/ofelia:latest
Stopping mailcow...
[+] Running 12/12
โ Container mailcowdockerized-ofelia-mailcow-1 Removed 10.2s
โ Container mailcowdockerized-memcached-mailcow-1 Removed 0.7s
โ Container mailcowdockerized-php-fpm-mailcow-1 Removed 10.1s
โ Container mailcowdockerized-dockerapi-mailcow-1 Removed 0.3s
โ Container mailcowdockerized-olefy-mailcow-1 Removed 10.1s
โ Container mailcowdockerized-sogo-mailcow-1 Removed 1.0s
โ Container mailcowdockerized-dovecot-mailcow-1 Removed 10.5s
โ Container mailcowdockerized-mysql-mailcow-1 Removed 0.3s
โ Container mailcowdockerized-redis-mailcow-1 Removed 0.2s
โ Container mailcowdockerized-unbound-mailcow-1 Removed 10.1s
โ Container mailcowdockerized-netfilter-mailcow-1 Removed 30.0s
โ Network mailcowdockerized_mailcow-network Removed 0.2s
Checking for remaining containers...
Committing current status...
Fetching updated code from remote...
Merging local with remote code (recursive, strategy: "theirs", options: "patience"...
Already up to date.
Fetching new images, if any...
[+] Pulling 17/17
โ memcached-mailcow Pulled 0.8s
โ olefy-mailcow Pulled 0.5s
โ redis-mailcow Pulled 0.8s
โ nginx-mailcow Pulled 0.5s
โ netfilter-mailcow Pulled 0.5s
โ postfix-mailcow Pulled 0.5s
โ acme-mailcow Pulled 0.5s
โ dovecot-mailcow Pulled 0.5s
โ watchdog-mailcow Pulled 0.5s
โ rspamd-mailcow Pulled 0.5s
โ sogo-mailcow Pulled 0.5s
โ clamd-mailcow Pulled 0.5s
โ php-fpm-mailcow Pulled 0.5s
โ ofelia-mailcow Pulled 0.8s
โ mysql-mailcow Pulled 0.8s
โ unbound-mailcow Pulled 0.5s
โ dockerapi-mailcow Pulled 0.5s
cp: warning: behavior of -n is non-portable and may change in future; use --update=none instead
Checking IPv6 settings...
Starting mailcow...
WARN[0000] mount of type `volume` should not define `bind` option
WARN[0000] mount of type `volume` should not define `bind` option
[+] Running 7/10
โ Network mailcowdockerized_mailcow-network Created 0.0s
โ Container mailcowdockerized-dockerapi-mailcow-1 Created 0.1s
โ Container mailcowdockerized-netfilter-mailcow-1 Created 0.1s
โ Container mailcowdockerized-olefy-mailcow-1 Created 0.1s
[+] Running 18/18cowdockerized-memcached-mailcow-1 Created 0.1s
โ Network mailcowdockerized_mailcow-network Created 0.0s
โ Container mailcowdockerized-dockerapi-mailcow-1 Started 0.3s
โ Container mailcowdockerized-netfilter-mailcow-1 Started 0.2s
โ Container mailcowdockerized-olefy-mailcow-1 Started 0.3s
โ Container mailcowdockerized-memcached-mailcow-1 Started 0.3s
โ Container mailcowdockerized-unbound-mailcow-1 Error 90.5s
โ Container mailcowdockerized-sogo-mailcow-1 Started 0.3s
โ Container mailcowdockerized-clamd-mailcow-1 Created 0.0s
โ Container mailcowdockerized-redis-mailcow-1 Started 0.4s
โ Container mailcowdockerized-mysql-mailcow-1 Started 0.4s
โ Container mailcowdockerized-dovecot-mailcow-1 Started 0.6s
โ Container mailcowdockerized-postfix-mailcow-1 Created 0.0s
โ Container mailcowdockerized-php-fpm-mailcow-1 Started 0.5s
โ Container mailcowdockerized-ofelia-mailcow-1 Started 0.7s
โ Container mailcowdockerized-rspamd-mailcow-1 Created 0.0s
โ Container mailcowdockerized-nginx-mailcow-1 Created 0.0s
โ Container mailcowdockerized-acme-mailcow-1 Created 0.0s
โ Container mailcowdockerized-watchdog-mailcow-1 Created 0.0s
dependency failed to start: container mailcowdockerized-unbound-mailcow-1 is unhealthy
Collecting garbage...
root@mail:/opt/mailcow-dockerized# docker logs mailcowdockerized-unbound-mailcow-1
Setting console permissions...
Receiving anchor key...
Receiving root hints...
root@mail:/opt/mailcow-dockerized#
Steps to reproduce:
1/ Run update.sh
Which branch are you using?
master
Which architecture are you using?
x86
Operating System:
Ubuntu 24
Server/VM specifications:
8GB , 4 CPU
Is Apparmor, SELinux or similar active?
yes
Virtualization technology:
Proxmox
Docker version:
28.1.1
docker-compose version or docker compose version:
Docker Compose version v2.35.1
mailcow version:
2025-07
Reverse proxy:
Nginx
Logs of git diff:
root@mail:/opt/mailcow-dockerized# git diff origin/master
diff --git a/data/assets/ssl-example/cert.pem b/data/assets/ssl-example/cert.pem
index 96d16bec..a102ff5a 100644
--- a/data/assets/ssl-example/cert.pem
+++ b/data/assets/ssl-example/cert.pem
@@ -1,19 +1,33 @@
-----BEGIN CERTIFICATE-----
-MIIDBDCCAe6gAwIBAgIQeJMoL/3dxhxhT9EwuRTL/DALBgkqhkiG9w0BAQswEjEQ
-MA4GA1UEChMHbWFpbGNvdzAeFw0xNjEyMTMxMDExMDBaFw0xOTExMjgxMDExMDBa
-MC0xEDAOBgNVBAoTB21haWxjb3cxGTAXBgNVBAMTEG1haWwuZXhhbXBsZS5vcmcw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRg0xT3At9DSb3H5OMp3K1
-MpXAgYyotSK6TS61fC0QEHy2fMXiws7Agcye6Ln7CG63Fe1eN2jkdlefy9xJivS8
-y5w0M8i168v5znzC8fnylL2iOiSYfK/B/oEqfU7YH4RcegO53oDDIUZmi4Frgnu7
-39VVOU1ZyHEVqGJ2H2aAIkoZRjGzumD9Ym4LWGidtKJzBgFt/qmhUeWXipM8w281
-XkQnJU79+x2ywnJSvEZ3r/ZVJC7kbjiVw+/k15k9Cxk6Ik8wmJ0X/+xWxoZomHQI
-1LM0VKAS/iaU95dn2bplvL6jTiiyWAbrMjSKs4XbPt/fIbOicNkj6+CFy0MVfyyH
-AgMBAAGjPzA9MA4GA1UdDwEB/wQEAwIAqDAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
-KwYBBQUHAwEwDAYDVR0TAQH/BAIwADALBgkqhkiG9w0BAQsDggEBAI/jBJa1P8nB
-eHUN5muQmjBVDVOYyWAAEapOe2HYsBcpjaB2H8Iw3DQzJtz6peYeYSCmHRVqFLCm
-VPrq36l9mPUotyPDPlQQAxCj9R2+WbGaJO+N/E1F8FQ94dr3jqwUyfjVPoqEjmIH
-NFkvbA0RJOeBm9oYGdhM0wjOBV9c9MTHFG82nQ/zQeTuPb7GXuKIOXYCxoLNOZMw
-UJ02Cqjv5ImrgOhcstAKX3Ip0urSvZUGvtPla4CGh+M6yDFJ08GzX6OiMIH207RW
-jAbUXXERSUv/7hysdDjGo5HZjCeMzVu9KAxoZXqnmvkk8g2swKWtWBRcoeU1VGx0
-Bx4Q4KMjuYQ=
+MIIFtzCCA5+gAwIBAgIUZTVTVQstcQdkxEJGx+h7bd5P83cwDQYJKoZIhvcNAQEL
+BQAwazELMAkGA1UEBhMCREUxDDAKBgNVBAgMA05SVzEQMA4GA1UEBwwHV2lsbGlj
+aDEQMA4GA1UECgwHbWFpbGNvdzEQMA4GA1UECwwHbWFpbGNvdzEYMBYGA1UEAwwP
+bWFpbC50eXRob24ub3JnMB4XDTI1MDgxNzE0MDEyMVoXDTI2MDgxNzE0MDEyMVow
+azELMAkGA1UEBhMCREUxDDAKBgNVBAgMA05SVzEQMA4GA1UEBwwHV2lsbGljaDEQ
+MA4GA1UECgwHbWFpbGNvdzEQMA4GA1UECwwHbWFpbGNvdzEYMBYGA1UEAwwPbWFp
+bC50eXRob24ub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAm+13
+f38Fx7XsI3vk7zOJtYQFsXxmfi2+heMc5nvLJxeagQe2RvAA9cNgjde7AeHQ/wSo
+BP6VamI0JM4Tr0vsnzQpLJhUIRgBN/VD16TnGiJhJfKvdxA5lb6B6V/wlaUzgKhe
+RdLfDUrOI/3giegga4/lW36vUGRYumkFekWBa9x4yiEKRY5eFNlsVBK7rn2rPO8J
+HouxdqgAqi0IeIhytjR5TryqfNrU3Ww+d9eYrYAZtdZWqRviSYn7GA4atdxlk5Mn
+SZIrasHJyZhDSplhUKJAiBTuKbtPKA8ojutHm7XbZ9q5BGlKw621rcabAkunL94o
+FUxTuSBRq1uzNaO4AWph+uW9dAyPmwhwrxqWeY9jZWYR9zFWSalWUHXLg3jBjce0
+tLhiVrUeyw4zA26mgCD+pOe46Z3mSwdw5qWHI68MXBRO+rlWTk99xNBr85R7qXpD
+KuCBCEwBoA4d64m+XWCxl1lzFMqKNrzjT5q3AnFz3rswZ40rSntwBUOVciPI+oHt
+KuzPBRZCFzSpJGZvPwUPzTgzzVhboihhQwqN4dm5eF6GDoEzTpQ1Ya6WxnvRJL9X
+87Sy+UbIlmQsMFIoLgXauaNPx9y/7HFbYoj7+iElc8eFPwuIjmPvCZ0375v/KmzE
+WJkNU76ueA6f17ztGlvoT/4/EYyDiZHgpPQT9uECAwEAAaNTMFEwHQYDVR0OBBYE
+FKR+OEZjMwjl/HIrfPGh5d7+XEVnMB8GA1UdIwQYMBaAFKR+OEZjMwjl/HIrfPGh
+5d7+XEVnMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAG5DmNpw
++0kqAXRz6+qlMgBUSDKbvISEdB66YJzd4Vs5Ff01LqoZFWpgowiZClfxmobduQuY
+i3V+StrIn0q6QaMKphUaHbgt6q0HZLD8xgJi0cYf12Vjf2gw3XJbcc6cWqiTtQWT
++GGv5/OckmotVocHjaWnoIHfDieJJoUrXvXJ0R7L3HWng4VOjPiHtDiBe9eb9Rsm
+AiRqziZhl80ry6NOXYW29WlzIFYMs0/FqVhpaOCmd1WZuAl52JYI+mW1gpRKyw7w
+0PQrxSa4qI5ZWR17/ndm6S/z5/Jk0vxyX8jlxmAtG/Y3bx/kFERDIjkABPsMn5P2
+quG+haOKgfJvbGhkEezMHoGJbZuhbCIRuKz3bXB6nIVAeZPGoenTcJdBRGM60xc7
+QbT8qgL4YrOjDddYbO6ZjOqj4cCqNEpn5yeUceLDIYxLY7mhZ6tNoEMjIasXNkAs
+Pr9bs/PcYbUu6Ez8147EK1QT61WH9nsBBk6THBd/z7RklEFKoIN4OcYeTUUcwVcd
+QbXMx1tW9Bikma9vnSCDRqp7sJ8WrjexVTqHrFgvwEv06f6eTGJmgQfgDu/PwCHD
:
Logs of iptables -L -vn:
root@mail:/opt/mailcow-dockerized# iptables -L -vn
Chain INPUT (policy ACCEPT 18433 packets, 2635K bytes)
pkts bytes target prot opt in out source destination
18433 2635K MAILCOW 0 -- * * 0.0.0.0/0 0.0.0.0/0 /* mailcow */
18433 2635K MAILCOW 0 -- * * 0.0.0.0/0 0.0.0.0/0 /* mailcow */
18433 2635K MAILCOW 0 -- * * 0.0.0.0/0 0.0.0.0/0 /* mailcow */
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
9428 1138K MAILCOW 0 -- * * 0.0.0.0/0 0.0.0.0/0 /* mailcow */
5428 907K DOCKER-USER 0 -- * * 0.0.0.0/0 0.0.0.0/0
5428 907K DOCKER-FORWARD 0 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 MAILCOW 0 -- * * 0.0.0.0/0 0.0.0.0/0 /* mailcow */
0 0 MAILCOW 0 -- * * 0.0.0.0/0 0.0.0.0/0 /* mailcow */
0 0 MAILCOW 0 -- * * 0.0.0.0/0 0.0.0.0/0 /* mailcow */
Chain OUTPUT (policy ACCEPT 20408 packets, 21M bytes)
pkts bytes target prot opt in out source destination
400 25998 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
Chain DOCKER (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT 6 -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:12345
0 0 ACCEPT 6 -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:4190
0 0 ACCEPT 6 -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:995
0 0 ACCEPT 6 -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:993
0 0 ACCEPT 6 -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:143
0 0 ACCEPT 6 -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:110
0 0 ACCEPT 6 -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.5 tcp dpt:3306
0 0 ACCEPT 6 -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.249 tcp dpt:6379
0 0 DROP 0 -- !docker0 docker0 0.0.0.0/0 0.0.0.0/0
0 0 DROP 0 -- !br-mailcow br-mailcow 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-BRIDGE (1 references)
pkts bytes target prot opt in out source destination
0 0 DOCKER 0 -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 DOCKER 0 -- * br-mailcow 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-CT (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT 0 -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
369 154K ACCEPT 0 -- * br-mailcow 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
Chain DOCKER-FORWARD (1 references)
pkts bytes target prot opt in out source destination
5428 907K DOCKER-CT 0 -- * * 0.0.0.0/0 0.0.0.0/0
3752 238K DOCKER-ISOLATION-STAGE-1 0 -- * * 0.0.0.0/0 0.0.0.0/0
3752 238K DOCKER-BRIDGE 0 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- docker0 * 0.0.0.0/0 0.0.0.0/0
806 51190 ACCEPT 0 -- br-mailcow * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
pkts bytes target prot opt in out source destination
0 0 DOCKER-ISOLATION-STAGE-2 0 -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
806 51190 DOCKER-ISOLATION-STAGE-2 0 -- br-mailcow !br-mailcow 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-ISOLATION-STAGE-2 (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP 0 -- * br-mailcow 0.0.0.0/0 0.0.0.0/0
0 0 DROP 0 -- * docker0 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-USER (1 references)
pkts bytes target prot opt in out source destination
5428 907K RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain MAILCOW (7 references)
pkts bytes target prot opt in out source destination
0 0 DROP 6 -- !br-mailcow br-mailcow 0.0.0.0/0 0.0.0.0/0 /* mailcow isolation */
0 0 ACCEPT 6 -- * br-mailcow 0.0.0.0/0 0.0.0.0/0 multiport dports 53,443
4004 234K DROP 6 -- !br-mailcow br-mailcow 0.0.0.0/0 0.0.0.0/0 /* mailcow isolation */
0 0 ACCEPT 6 -- ens18 * 192.168.100.1 0.0.0.0/0 multiport dports 25,80,465,587
0 0 DROP 6 -- !br-mailcow br-mailcow 0.0.0.0/0 0.0.0.0/0 /* mailcow isolation */
0 0 DROP 6 -- !br-mailcow br-mailcow 0.0.0.0/0 0.0.0.0/0 /* mailcow isolation */
root@mail:/opt/mailcow-dockerized#
Logs of ip6tables -L -vn:
root@mail:/opt/mailcow-dockerized# ip6tables -L -vn
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 MAILCOW 0 -- * * ::/0 ::/0 /* mailcow */
0 0 DOCKER-USER 0 -- * * ::/0 ::/0
0 0 DOCKER-FORWARD 0 -- * * ::/0 ::/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain DOCKER (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT 6 -- !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::a tcp dpt:4190
0 0 ACCEPT 6 -- !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::a tcp dpt:995
0 0 ACCEPT 6 -- !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::a tcp dpt:993
0 0 ACCEPT 6 -- !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::a tcp dpt:143
0 0 ACCEPT 6 -- !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::a tcp dpt:110
0 0 DROP 0 -- !docker0 docker0 ::/0 ::/0
0 0 DROP 0 -- !br-mailcow br-mailcow ::/0 ::/0
Chain DOCKER-BRIDGE (1 references)
pkts bytes target prot opt in out source destination
0 0 DOCKER 0 -- * docker0 ::/0 ::/0
0 0 DOCKER 0 -- * br-mailcow ::/0 ::/0
Chain DOCKER-CT (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT 0 -- * docker0 ::/0 ::/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT 0 -- * br-mailcow ::/0 ::/0 ctstate RELATED,ESTABLISHED
Chain DOCKER-FORWARD (1 references)
pkts bytes target prot opt in out source destination
0 0 DOCKER-CT 0 -- * * ::/0 ::/0
0 0 DOCKER-ISOLATION-STAGE-1 0 -- * * ::/0 ::/0
0 0 DOCKER-BRIDGE 0 -- * * ::/0 ::/0
0 0 ACCEPT 0 -- docker0 * ::/0 ::/0
0 0 ACCEPT 0 -- br-mailcow * ::/0 ::/0
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
pkts bytes target prot opt in out source destination
0 0 DOCKER-ISOLATION-STAGE-2 0 -- docker0 !docker0 ::/0 ::/0
0 0 DOCKER-ISOLATION-STAGE-2 0 -- br-mailcow !br-mailcow ::/0 ::/0
Chain DOCKER-ISOLATION-STAGE-2 (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP 0 -- * br-mailcow ::/0 ::/0
0 0 DROP 0 -- * docker0 ::/0 ::/0
Chain DOCKER-USER (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN 0 -- * * ::/0 ::/0
Chain MAILCOW (1 references)
pkts bytes target prot opt in out source destination
root@mail:/opt/mailcow-dockerized#
Logs of iptables -L -vn -t nat:
root@mail:/opt/mailcow-dockerized# iptables -L -vn -t nat
Chain PREROUTING (policy ACCEPT 2215 packets, 142K bytes)
pkts bytes target prot opt in out source destination
29 1760 DOCKER 0 -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT 14 packets, 860 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 649 packets, 41022 bytes)
pkts bytes target prot opt in out source destination
1 60 DOCKER 0 -- * * 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT 650 packets, 41082 bytes)
pkts bytes target prot opt in out source destination
510 32588 MASQUERADE 0 -- * !br-mailcow 172.22.1.0/24 0.0.0.0/0
0 0 MASQUERADE 0 -- * !docker0 172.17.0.0/16 0.0.0.0/0
0 0 MASQUERADE 6 -- * * 172.22.1.0/24 0.0.0.0/0 tcp dpt:25
0 0 MASQUERADE 0 -- * ens18 192.168.100.131 0.0.0.0/0
Chain DOCKER (2 references)
pkts bytes target prot opt in out source destination
0 0 RETURN 0 -- br-mailcow * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN 0 -- docker0 * 0.0.0.0/0 0.0.0.0/0
0 0 DNAT 6 -- !br-mailcow * 0.0.0.0/0 127.0.0.1 tcp dpt:7654 to:172.22.1.249:6379
0 0 DNAT 6 -- !br-mailcow * 0.0.0.0/0 127.0.0.1 tcp dpt:13306 to:172.22.1.5:3306
0 0 DNAT 6 -- !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 to:172.22.1.250:110
0 0 DNAT 6 -- !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 to:172.22.1.250:143
0 0 DNAT 6 -- !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:993 to:172.22.1.250:993
0 0 DNAT 6 -- !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:995 to:172.22.1.250:995
0 0 DNAT 6 -- !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:4190 to:172.22.1.250:4190
0 0 DNAT 6 -- !br-mailcow * 0.0.0.0/0 127.0.0.1 tcp dpt:19991 to:172.22.1.250:12345
root@mail:/opt/mailcow-dockerized#
root@mail:/opt/mailcow-dockerized# cp /opt/mailcow-dockerized/docker-compose.yml docker-compose.back.yaml
r
Logs of ip6tables -L -vn -t nat:
root@mail:/opt/mailcow-dockerized# ip6tables -L -vn -t nat
Chain PREROUTING (policy ACCEPT 461 packets, 40867 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER 0 -- * * ::/0 ::/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER 0 -- * * ::/0 !::1 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE 0 -- * !br-mailcow fd4d:6169:6c63:6f77::/64 ::/0
0 0 MASQUERADE 0 -- * !docker0 fd00:dead:beef:c0::/80 ::/0
Chain DOCKER (2 references)
pkts bytes target prot opt in out source destination
0 0 RETURN 0 -- br-mailcow * ::/0 ::/0
0 0 RETURN 0 -- docker0 * ::/0 ::/0
0 0 DNAT 6 -- !br-mailcow * !fe80::/10 ::/0 tcp dpt:110 to:[fd4d:6169:6c63:6f77::a]:110
0 0 DNAT 6 -- !br-mailcow * !fe80::/10 ::/0 tcp dpt:143 to:[fd4d:6169:6c63:6f77::a]:143
0 0 DNAT 6 -- !br-mailcow * !fe80::/10 ::/0 tcp dpt:993 to:[fd4d:6169:6c63:6f77::a]:993
0 0 DNAT 6 -- !br-mailcow * !fe80::/10 ::/0 tcp dpt:995 to:[fd4d:6169:6c63:6f77::a]:995
0 0 DNAT 6 -- !br-mailcow * !fe80::/10 ::/0 tcp dpt:4190 to:[fd4d:6169:6c63:6f77::a]:4190
root@mail:/opt/mailcow-dockerized#
root@mail:/opt/mailcow-dockerized#
r
DNS check:
root@mail:/opt/mailcow-dockerized# docker exec -it $(docker ps -qf name=acme-mailcow) dig +short stackoverflow.com @172.22.1.254
Error response from daemon: No such container: dig
root@mail:/opt/mailcow-dockerized# docker exec -it $(docker ps -qf name=acme-mailcow)
docker: 'docker exec' requires at least 2 arguments
Usage: docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
See 'docker exec --help' for more information
root@mail:/opt/mailcow-dockerized# docker exec -it $(docker ps -qf name=acme-mailcow) dig +short stackoverflow.com @172.22.1.254
Error response from daemon: No such container: dig
root@mail:/opt/mailcow-dockerized#