DSM 7.1 Running Minecraft server in Docker

Currently reading
DSM 7.1 Running Minecraft server in Docker

Last edited:
Do you have firewall rule that allows for docker subnet to “talk” to your host (nas) subnet? Or maybe you have a fw rule that blocks it?
I can access the docker without issues from the LAN for example https://IP_SYNOLOGY:8080 gives me the qbittorrent web UI which runs inside a docker, or https://IP_SYNOLOGY:5001 gives me the DSM management.

Then I set up on my router port forwarding to ports 8080 and 5001.

Then when accessing from the interner, https://MY_EXTERNAL_IP:5001 works ok, but I cannot connect to https://MY_EXTERNAL_IP:8080.

But when I do a open port checker, for example Open Port Check Tool - Test Port Forwarding on Your Router, on ports 8080 and 5001, they are both open. But when accessing 8080, it gives me no response, no data.

In firewall I have SOURCE:ALL PROTOCOL:ALL PORTS:8080,5001 Allow


PS: it works now. Is it possible that it does not work on ports that are assigned/forwarded via the web station?

PS2: Now i see another issue : is it possible to configure docker in a way, that the containers do not have access to my LAN (192.168.x.x), but still have access to the internet? Like make then isolated from my LAN.
 
PS: it works now. Is it possible that it does not work on ports that are assigned/forwarded via the web station?
Any combination of port forward and/or firewall can allow/prevent access to any port. So looks like you have done it correctly in the end.

Like make then isolated from my LAN.
Just add the container in question in a separate docker network (not the host or default bridge), and then deny access using NAS firewall for that particular docker subnet towards your NAS subnet.
 
So people can connect to your Minecraft server, running inside a Docker container, on your Synology? Because I cannot connect to any server (minecraft or any other service) running inside of docker on my NAS from the internet. I have firewall enabled and also port forwarding.
Pretty sure I got this working, for 10 minutes that the kids found this interesting. Don't remember what I did now sadly..
 
Any combination of port forward and/or firewall can allow/prevent access to any port. So looks like you have done it correctly in the end.


Just add the container in question in a separate docker network (not the host or default bridge), and then deny access using NAS firewall for that particular docker subnet towards your NAS subnet.

How is it possible to "
deny access using NAS firewall for that particular docker subnet towards your NAS subnet.
"? Because in the Web management UI -> control panel -> security -> firewall -> Edit rules , I can only allow or deny based on Source address / Port / Protocol, not based on destination address. And If I do not allow from Docker network, then the docker container cannot access internet.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

How did you create the Portainer container in first place? As in exact docker run commands or in case...
Replies
7
Views
1,559
Thank you for this - I'll give it a go and see where I get - worst case I learn something as I go!
Replies
6
Views
1,774
Hello (again). This is an English speaking forum, please translate your topic. Tnx.
Replies
1
Views
348

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top