Unable to use tunnel when ports are not listed on ufw

What is the name of the domain?

photos.luckythedog.xyz

What is the error number?

502

What is the error message?

Bad gateway

What is the issue you’re encountering

I have immich and cloudflared in docker containers on an Ubuntu 22.04 server. I also have ufw set up and turned on. When I do not add the port exposed for immich (2833) to ufw (sudo ufw allow 2833), I get this error. Everything is running well IF I add the port in ufw.

What steps have you taken to resolve the issue?

Currently, I just added the ports in ufw, but I want to know if this is the only way to do it.

All outbound connections are allowed, immich container and cloudflared containers are on the same docker network.

Screenshot of the error

May I ask if there is some kind of port forwarding in between? 🤔
Both services on ports 8080 and 2833 don’t work, correct?

Are you trying to route non-http traffic through the tunnel, or I could be wrong?

All the inbound ports are disabled by default via iptables, while ufw is not active?

I switched from using reverse proxy via traefik to cf tunnels. I had 80 and 443 ports open on my router for the reverse proxy to work before. Currently, traefik is not running anymore, but the ports on my router are still open.

Hmm, 2833 is https://immich.app/ and 8080 is just Jenkins

I’m not too familiar. I would say for iptables, everything is on the default setting since I have not touched this. Let me know how best to check; I can paste a screenshot here.