Hi all,
I’m encountering an issue when trying to run a Docker Compose setup that includes explicit port mappings (e.g., ports: ["3000:3000"]). The container fails to start due to an iptables-related error. Using network_mode: host allows the container to start, but that’s not suitable for my final implementation, as I need proper port mapping to work.
Here’s the error message I receive when attempting to start the container:
[+] Running 0/1
⠋ Container vision-dep Starting 1.0s
Error response from daemon: failed to set up container networking: driver failed programming external connectivity on endpoint vision-dep (361fad43c5e31408d21d82193082d126d9a595d836797ae2a8db79668b308290): Unable to enable DIRECT ACCESS FILTERING - DROP rule: (iptables failed: iptables --wait -t raw -A PREROUTING -p tcp -d 172.23.0.2 --dport 3000 ! -i br-ead736bf9537 -j DROP: iptables v1.8.7 (legacy): can't initialize iptables table raw': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
(exit status 3))
To troubleshoot, I tried manually loading the iptable_raw kernel module:
$ sudo modprobe iptable_raw
modprobe: FATAL: Module iptable_raw not found in directory /lib/modules/5.15.148-tegra
This suggests that the iptable_raw module is missing from the kernel build.
System Information:
- OS: Ubuntu 22.04.5 LTS (Jammy Jellyfish)
- JetPack Version: 6.2
- Kernel Version: 5.15.148-tegra
- Device: Jetson Orin Nano Developer Kit
- L4T Version: 36.4.3
$ uname -a
Linux ubuntu 5.15.148-tegra #1 SMP PREEMPT Tue Jan 7 17:14:38 PST 2025 aarch64 aarch64 aarch64 GNU/Linux
Question:
What would be the proper way to enable or install iptable_raw on this system so that Docker port mappings work correctly? Is there a recommended approach for Jetson devices running this kernel, or do I need to rebuild the kernel with specific modules enabled?
Any help or guidance would be greatly appreciated!
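
A way to confirm the diagnosis in the post above, as an added example that is not part of the original post: the iptables raw table is built from the kernel option CONFIG_IP_NF_RAW, so the script classifies that option in a kernel config and checks whether an iptable_raw module file is installed. The function names and the sample config fragment are constructed for illustration, and the live check assumes the kernel exposes /proc/config.gz.

```shell
#!/bin/sh
# Added example (not from the original post). Reads a kernel config on stdin
# and classifies one option: builtin | module | disabled | absent.
kconfig_state() {
    awk -v o="$1" '
        $0 == (o "=y")               { s = "builtin" }
        $0 == (o "=m")               { s = "module" }
        $0 == ("# " o " is not set") { s = "disabled" }
        END { print (s == "" ? "absent" : s) }'
}

# True when a module file (plain or compressed) exists under a modules tree.
# $1 = tree, e.g. /lib/modules/$(uname -r); $2 = module name.
module_installed() {
    [ -n "$(find "$1" -name "$2.ko*" 2>/dev/null | head -n 1)" ]
}

# Constructed sample config fragment, NOT taken from the poster's device.
sample_config() {
    cat <<'EOF'
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_NAT=m
# CONFIG_IP_NF_RAW is not set
EOF
}

echo "sample: CONFIG_IP_NF_RAW is $(sample_config | kconfig_state CONFIG_IP_NF_RAW)"

# On a live system (assumes the kernel exposes /proc/config.gz):
if [ -r /proc/config.gz ]; then
    state=$(gzip -dc /proc/config.gz | kconfig_state CONFIG_IP_NF_RAW)
    echo "running kernel: CONFIG_IP_NF_RAW is $state"
    if module_installed "/lib/modules/$(uname -r)" iptable_raw; then
        echo "iptable_raw module file is installed"
    else
        echo "no iptable_raw module file under /lib/modules/$(uname -r)"
    fi
fi
```

A result of "module" together with no installed module file means the option was selected but the .ko was not shipped; "disabled" or "absent" means the raw table was not part of that kernel build.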