I tried to install Docker. Docker installation was successful. Container installation as well. After Docker is installed, bpi-r3 can access the internet, but its clients cannot. I can’t figure out why. Can anyone advise?
This is a known issue.
Did you try:
https://wiki.archlinux.org/title/Nftables#Working_with_Docker
And in the end also
Now you can setup a firewall and port forwarding for the
docker0interface using nftables without any interference
Also you need a kernel where veth device is enabled, which I have in my setup, but unknown for other.
A little insight. I have enable nftables.service and iptable.service. After the reboot, bpi-r3 clients do not have access to the Internet or to the container (for example Portainer). If I do a
/usr/lib/systemd/scripts/iptables-flush
then suddenly everything starts working. Why?
Better not to mix. iptables is deprecated and nftables is the replacement. Try find a solution that only uses nftables, as suggested in the wiki. With these things you do not have to invent the wheel, some must have figured it out already and wrote about it (in the wiki)
I disabled iptables. I created a folder /etc/docker. In this folder, he inserted a daemon.json file with the content:
{
"iptables": false
}
I rebooted and everything seems to be working.
Great news!!!