Environment: my local computer installed through the hyper - v centos7 (IP: 192.168.137.223), then the docker centos7 installation, and launched the docker container, using the default mode network, docker container internal IP is 172.17.0.4 docker container provides services (docker internal port 8080 is mapped to a port 8080 on host),
Case 1: closed centos firewalld
At this point, I visit the docker services provided by the container on the host, caught in the docker container right now, can see 172.17.0.1, access IP is as follows:
Case 2: start the centos firewalld
At this point, the host computer through the curl http://192.168.137.223:8080/group1/stat (hosting IP) to visit the docker container service, IP is 192.168.137.223 caught inside the container, the diagram below:
Saw the iptables NAT rules in the table below:
Could you tell me how to explain the both cases?