eWaterCycle / infra

Instructions for system administrators to deploy the eWaterCycle platform
Apache License 2.0

Block Docker from bypassing firewall #42

Closed sverhoeven closed 4 years ago

sverhoeven commented 4 years ago

The standard installation of Docker on Ubuntu can bypass the ufw firewall. This can be fixed with https://github.com/chaifeng/ufw-docker; this should be included in the Ansible scripts.

sverhoeven commented 4 years ago

The docker run -d --name httpd -p 0.0.0.0:8080:80 httpd:alpine example in the link does not leak to the Internet anymore. Possibly due to the DOCKER-USER iptables chain in Docker v19. So no longer a problem.
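
Added example, not part of the issue thread and not code from eWaterCycle or ufw-docker: a shell check that classifies the output of `iptables -S DOCKER-USER`, so a host can be audited for whether that chain evaluates any DROP/REJECT rule before its unconditional RETURN. The rule dumps, the interface `eth0`, the 192.0.2.0/24 range and the chain name `custom-forward` are constructed for illustration.

```shell
#!/bin/sh
# Classify a DOCKER-USER chain dump in `iptables -S DOCKER-USER` format (stdin).
#   missing  - chain not present in the dump
#   open     - nothing is evaluated before the unconditional RETURN/ACCEPT
#   filtered - at least one DROP/REJECT rule is evaluated
#   review   - only jumps or conditional rules; inspect the referenced chains
docker_user_verdict() {
    awk '
        $2 != "DOCKER-USER" { next }
        $1 == "-N"          { seen = 1; next }
        $1 != "-A" || done  { next }
        {
            seen = 1; target = ""
            for (i = 3; i < NF; i++) if ($i == "-j") target = $(i + 1)
            # A bare "-j RETURN" or "-j ACCEPT" ends evaluation of the chain,
            # so rules listed after it are never reached.
            if (NF == 4 && (target == "RETURN" || target == "ACCEPT")) { done = 1; next }
            if (target == "DROP" || target == "REJECT") { drops++ } else { other++ }
        }
        END {
            if (!seen)      print "missing"
            else if (drops) print "filtered"
            else if (other) print "review"
            else            print "open"
        }'
}

# Constructed sample dumps (not captured from a real host).
DEFAULT_CHAIN='-N DOCKER-USER
-A DOCKER-USER -j RETURN'
RESTRICTED_CHAIN='-N DOCKER-USER
-A DOCKER-USER ! -s 192.0.2.0/24 -i eth0 -j DROP
-A DOCKER-USER -j RETURN'
# custom-forward is a hypothetical user-defined chain name.
DELEGATED_CHAIN='-N DOCKER-USER
-A DOCKER-USER -j custom-forward
-A DOCKER-USER -j RETURN'
# The DROP below sits after the terminating RETURN and is never evaluated.
SHADOWED_CHAIN='-N DOCKER-USER
-A DOCKER-USER -j RETURN
-A DOCKER-USER -i eth0 -j DROP'

show() { printf '%-10s %s\n' "$1" "$(printf '%s\n' "$2" | docker_user_verdict)"; }
show default    "$DEFAULT_CHAIN"
show restricted "$RESTRICTED_CHAIN"
show delegated  "$DELEGATED_CHAIN"
show shadowed   "$SHADOWED_CHAIN"
```

On a Docker host, the live chain can be checked with `iptables -S DOCKER-USER | docker_user_verdict` (needs root).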