I installed docker on openwrt and ran a container. This container used the -p parameter to map the container's port to openwrt. For example, if the container port is 80, I mapped the container's port 80 to openwrt's port 6699. Then I set port 6699 to discard in the communication rules. The protocol is TCP, and I use IPV4 and IPV6. I didn't do any port mapping, but the strange thing is, why can I still access this port 6699 using other networks? I tried to change the same configuration port to 22, so I couldn't connect to openwrt through ssh using other networks, which means that my communication rules configuration is correct, which is very strange.
My system version is "OpenWrt 23.05.5 r24106-10cc5fcd00 / LuCI openwrt-23.05 branch git-25.130.39098-a843514"