1

I start learning how to use Docker and docker-compose and everytime I reboot my computer, I got this message when I do a docker-compose up:

Creating network "dockerlemp_default" with the default driver

ERROR: Failed to program FILTER chain: iptables failed: iptables --wait -I FORWARD -o br-74bd0d3628e8 -j DOCKER: iptables v1.6.1: Couldn't load target `DOCKER':No such file or directory

Try `iptables -h' or 'iptables --help' for more information.

Once the firewall disabled by doing the command sudo ufw disable and once the docker service restarted by the command systemctl restart docker, I can up my docker-compose normally. But I have to do it everytime I reboot.

Can someone explain me what the issue is with the iptables and how to fix this definitely ? Thank you very much.

FYI, here is my setup:

Lenovo Ideapad 510S-08ISH - Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz

Ubuntu 18.04.3 LTS Bionic (window manager i3wm)

Docker 18.09.7

docker-compose 1.17.1

Bravo2bad
  • 530
  • 1
  • 7
  • 25
  • Drop you iptables with #iptables -F , then restart docker #/etc/init.d/docker restart. Ensure that your docker starts first that your iptables on /etc/rc*.d/ – Jose Pato Sep 17 '21 at 22:29

2 Answers2

6

The last Docker versions do manipulate with iptables's rules in enough correct manner, even on Debian/Ubuntu (you don't use selinux, do you?). So this error means that some libs/configs are broken. Try the following steps:

  1. Check if chain DOCKER presents in iptables's rules (iptables --list-rules | grep '\-N\ DOCKER'). If it doesn't, then you can add the command iptables -N DOCKER to if-pre-up script (/etc/network/if-pre-up.d/iptables). It's just workaround, the better solution is to reinstall iptables and/or docker The latter depends on how you installed it. Maybe it makes sense to change the method (apt-get install docker.io instead wget -qO- https://get.docker.com/ | sh and vise versa). In that case don't forget to uninstall Docker first.
  2. If DOCKER chain presents, then check if you have iptables-restore command in if-pre-up script (usually /etc/network/if-pre-up.d/iptables). If yes, then try to re-create the source file for iptables-restore or even temprorary disable iptables-restore.
  3. Check your Docker configs (/etc/docker/daemon.json and /etc/default/docker). Perhaps some application has written some unwanted options there.
Egor
  • 113
  • 1
  • 8
4

I got the same error when I used sudo docker-compose, I used this answer:

sudo iptables -t filter -F

sudo iptables -t filter -X

systemctl restart docker

and it totally worked.

Matin Onegh
  • 81
  • 2