Solves the problem with open ports for Docker and UFW.

Because Docker uses the NAT table, its traffic is handled in the FORWARD chain of the filter table and, contrary to what one would expect, never touches the ufw-input chains. The ufw-forward chains would not help either, because the DOCKER chains are inserted in front of them.
This is a simple fix that worked for me. moby/moby#4737 (comment)
Unfortunately, this fix stops the users' origin IP from being forwarded to services configured in host mode. We hotfix that with a cron job for now: add CRONFIX=1. Check for yourself whether you need that. It only allows 1:1 port mappings.
Apply the Patch:
docker_ufw_setup=https://gist.githubusercontent.com/rubot/418ecbcef49425339528233b24654a7d/raw/docker_ufw_setup.sh
DEBUG=1 CRONFIX=1 bash <(curl -SsL "$docker_ufw_setup")
Reset the patch:
RESET=1 bash <(curl -SsL "$docker_ufw_setup")
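
To see the chain ordering described at the top on a given host, before and after applying the patch, the following check reads `iptables -S FORWARD` output and reports whether the jump to DOCKER comes before the first jump to a ufw-* chain. It is an added example, not part of the gist's script; the function names and the embedded rule listing are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the gist): report the relative order of the
# DOCKER jump and the first ufw-* jump in the filter table FORWARD chain.
# Live use:  sudo iptables -S FORWARD | forward_order

# Constructed sample in the format printed by `iptables -S FORWARD`
# on a host running both Docker and UFW.
sample_forward_rules() {
  cat <<'EOF'
-P FORWARD DROP
-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION-STAGE-1
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A FORWARD -j ufw-before-logging-forward
-A FORWARD -j ufw-before-forward
EOF
}

# Reads rules on stdin and prints one of:
#   docker-before-ufw docker=N ufw=M   (Docker's rule is evaluated first)
#   ufw-before-docker docker=N ufw=M
#   no-docker-rule | no-ufw-rule
# N and M are 1-based positions among the -A FORWARD rules.
forward_order() {
  awk '
    $1 == "-A" && $2 == "FORWARD" {
      n++
      for (i = 3; i < NF; i++) {
        if ($i != "-j") continue
        target = $(i + 1)
        # Exact match: DOCKER-USER and DOCKER-ISOLATION-* do not count.
        if (target == "DOCKER" && !docker) docker = n
        if (target ~ /^ufw-/ && !ufw) ufw = n
      }
    }
    END {
      if (!docker)           print "no-docker-rule"
      else if (!ufw)         print "no-ufw-rule"
      else if (docker < ufw) print "docker-before-ufw docker=" docker " ufw=" ufw
      else                   print "ufw-before-docker docker=" docker " ufw=" ufw
    }'
}

# Run against the constructed sample so the script works offline.
sample_forward_rules | forward_order
```

A result of `docker-before-ufw` means a packet destined for a container is matched by Docker's rules before any ufw-* forward chain is consulted.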