Addition to comment by @Ezarate11 (since I dont have enough rep to comment), make sure the --dport is the port that is being forwarded to, not the port that is exposed.
For example, if your configuration is 0.0.0.0:64743->80, then you would need to do
sudo iptables -I DOCKER-USER -p tcp -i eth0 ! -s 192.27.27.90 --dport 80 -j REJECT
This detail alone took me a while to figure out, I didn't see this mentioned anywhere else.
