Situation
I have a Tinyproxy Docker container forwarding traffic on a host. I also have an Nginx reverse proxy receiving/passing HTTP/HTTPS connections to other servers on the same host. Tinyproxy and Nginx are on different Docker networks. Nginx and the servers behind it share the same Docker network.
If I try to restrict Nginx's incoming connections to connections coming from Tinyproxy, everything works fine. I checked Nginx's logs and saw that all proxied connections were coming from Nginx's gateway, presumably because Docker was handling the routing between its networks. Then I just restricted incoming connections to the gateway on Nginx's server directives:
allow 192.168.10.1;
deny all;
Problem
When I close 80 and 443/tcp ports on my host, Tinyproxy cannot access the servers. My goal is to close 80 and 443/tcp ports and only allow incoming traffic through Tinyproxy to servers behind Nginx.
What I've Tried
Specified Nginx's and Tinyproxy's networks in my UFW rules (ufw allow from 192.168.20.0/24 to 192.168.10.0/24 port 80/tcp; ufw allow from 192.168.20.0/24 to 192.168.10.0/24 port 443/tcp, 192.168.20.0/24 being Tinyproxy's network). No success.