
Docker's nftables Mode Doesn't Respect Your Drop Rules — Here's the Fix
You enable Docker's experimental nftables support, add a drop rule in /etc/nftables.conf, reload your firewall, and the container port stays wide open. The packet hits your drop rule, then Docker's accept rule fires anyway. This violates everything you thought you knew about packet filtering.

I hit this exact scenario running a multi-tenant LLM API platform where different teams deploy inference containers. One team accidentally exposed their Ollama admin interface on port 3000. Standard nftables drop rules in our firewall config did nothing; the port stayed accessible from the internet.

Why Docker's nftables Chains Bypass Your Rules

Docker 29+ creates its own nftables table (docker) with chains that hook into prerouting, forward, and postrouting. These chains have specific priority values that determine their execution order relative to your custom chains. Here's the critical part: nftables evaluates chains based on priority within the same hook. A drop rule in your inet filte
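The article does not list Docker's chain names or priority values, so the check below is an added example (not the author's code): it parses the text format of `nft list ruleset` and lists the base chains on each hook in the order the kernel walks them, so you can see which chains get the packet before your drop chain. The ruleset is constructed, and the docker table's chain names and priorities in it are placeholders, not real Docker values.

```python
import re

# Constructed sample in `nft list ruleset` syntax. The docker table's chain
# names and priorities are placeholders, not what Docker actually installs.
SAMPLE_RULESET = """\
table inet filter {
	chain forward {
		type filter hook forward priority filter; policy accept;
		tcp dport 3000 drop
	}
}
table ip docker {
	chain fwd-placeholder {
		type filter hook forward priority -10; policy accept;
		oifname "docker0" tcp dport 3000 accept
	}
	chain nat-placeholder {
		type nat hook prerouting priority dstnat; policy accept;
	}
}
"""

# Symbolic priority names nft accepts in a base chain definition.
PRIORITY_NAMES = {"raw": -300, "mangle": -150, "dstnat": -100,
                  "filter": 0, "security": 50, "srcnat": 100}

def parse_priority(spec):
    """Turn 'filter', '-10' or 'dstnat - 5' into the numeric priority."""
    m = re.fullmatch(r"\s*(-?\w+)\s*(?:([+-])\s*(\d+))?\s*", spec)
    token = m.group(1)
    base = int(token) if re.fullmatch(r"-?\d+", token) else PRIORITY_NAMES[token]
    if m.group(2):
        base += int(m.group(3)) if m.group(2) == "+" else -int(m.group(3))
    return base

def base_chains(ruleset):
    """Yield (hook, priority, 'family table chain') for every base chain."""
    table = chain = None
    for line in ruleset.splitlines():
        line = line.strip()
        if m := re.match(r"table\s+(\w+)\s+(\w+)\s*\{", line):
            table = f"{m.group(1)} {m.group(2)}"
        elif m := re.match(r"chain\s+([\w-]+)\s*\{", line):
            chain = m.group(1)
        elif m := re.match(r"type\s+\w+\s+hook\s+(\w+)\s+priority\s+([^;]+);", line):
            yield m.group(1), parse_priority(m.group(2)), f"{table} {chain}"

def evaluation_order(ruleset, hook):
    """Base chains on one hook, lowest priority first (a drop verdict is final)."""
    return sorted((p, name) for h, p, name in base_chains(ruleset) if h == hook)

def chains_evaluated_before(ruleset, hook, full_name):
    """Chains on this hook that see a packet before 'family table chain' does."""
    order = evaluation_order(ruleset, hook)
    mine = {name: p for p, name in order}[full_name]
    return [name for p, name in order if p < mine]
```

Run it against `nft list ruleset` from the host instead of the sample to see where your own drop chain sits relative to the docker table on the forward hook.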


