How to close open ports in Docker?

Good day!

Task: to close access from outside all ports except 22, 80 and 443. The server in the same local network must have access to all the ports listening on the server.

Created iptables rules:

-P INPUT DROP
-A INPUT-p tcp -m tcp -m multiport --dports 22,80,443 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT-p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT-p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT-p icmp -m icmp --icmp-type 3/1-j ACCEPT
-A INPUT -s 127.0.0.1/32 -j ACCEPT
-A INPUT -s 192.168.1.100/32 -j ACCEPT
-A INPUT -s 192.168.1.101/32 -j ACCEPT
-A INPUT -s 192.168.1.102/32 -j ACCEPT
-A INPUT-i docker0 -j ACCEPT

Everything works, but after running docker containers, docker adds rules in its chain, which give access to the listening ports to the outside:

-A FORWARD -j DOCKER ISOLATION
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A DOCKER-d 172.17.0.5/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9200-j ACCEPT
-A DOCKER-d 172.17.0.6/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 27017 -j ACCEPT
-A DOCKER-d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 27017 -j ACCEPT
-A DOCKER-d 172.17.0.12/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
-A DOCKER-d 172.17.0.20/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 11211 -j ACCEPT
-A DOCKER-ISOLATION-j RETURN

How to solve this problem, what would the open ports of the containers have been closed out and was only available for certain servers specified in the INPUT chain?