Bobcares

Iptables no chain/target/match by that name docker – Quick fix!

by | Nov 4, 2019

Iptables: No chain/target/match by that name is an error while running a Docker container.

Confused about how running a Docker caused an iptables error?

This is because Docker works in correlation with iptables.

At Bobcares, we get requests to fix docker iptables errors, as a part of our Server Management Services.

Today, let’s have a look at how our Support Engineers fix this error.

 

Docker and iptables

Docker is one of the popular container software. It allows both Developers and Sysadmins to develop, setup, and run applications. Whereas, iptables is the built-in firewall for Linux based systems.

So how does a Docker relates to the Linux firewall iptables?

Usually, on Linux, Docker modifies or creates iptables rules. And the purpose is to provide network isolation. Iptables add these rules to the DOCKER chain.

While running the Docker, these rules come into action. Iptables allow all the rules predefined by Docker. This works fine until both Docker and firewall work in correlation. Let’s now see how this leads to an error.

 

Docker error iptables no chain/target/match by that name

Many of our customers approach us with Docker iptables errors. But, this error shows up when the user is running a Docker.

While users execute the command to run the Docker, it checks for the firewall status. When the firewall is down, it shows up the error. A Docker iptables error in laravel-nginx server appears as,

Iiptables no chain/target/match by that name docker error in laravel-nginx server.

This is the complete error message. Here the message says that the driver has difficulty in connecting to the endpoint. Let’s see how our Support Engineers fix this error.

 

Fix for Docker error iptables no chain/target/match

This error indicates a missing firewall chain while the Docker is running.

That is, sometimes users delete the DOCKER chain from iptables. Otherwise, users restart the firewall service while the Docker is running. Hence, removing the iptables rules created by Docker.

In both cases, Docker loses its correlation with iptables. And results in Docker error.

Our customers often approach us with this error. Firstly, we check if the firewall service status using

systemctl status iptables.service

If the service is down we restart the service.

Then, we check the iptables rules using the command

iptables -L

The docker firewall rules were missing thus it shows the error.

To resolve the error our Support Engineers restart the docker service. For instance, to restart the docker we use the command,

service docker restart

While restarting the Docker, it automatically creates the firewall rules. And we ensure to enable the firewall before restarting the docker.

Similarly, executing rules without specifying table-name can result in the same error message.

For example, consider the command,

iptables -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443

Here the PREROUTING chain belongs to the NAT table. As the user hasn’t specified the name, it considers it as default table. And this results in an error.

In this case, our Support Team asks the customers to execute the command by specifying table-name.

iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443

Hence this fixes the error.

 

[Need help in fixing Docker iptables error? – We’ll help you.]

 

Conclusion

In short, iptables no chain/target/match by that name Docker error occur due to non-correlation. In Linux Docker creates iptables rules. The error shows up if the firewall is not in correlation with the Docker. Today, we saw how our Support Engineers fix this error.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.