Docker-ce oppening Firewalld ports on rocky 8

Docker-cd, when run with -p 3010:3010 bypass the firewall and open the container port to the world... If i disable docker and run a python -m http.server, the port is blocked to the outside (as it should, the default rule is drop) but after the docker run, docker opens it. This prevents me from running a database or a redis with docker, without these services beeing expoded to the world.

I tried: --iptables=false, but got: unknown flag: --iptables

(as sugestes in a similar question: firewalld not blocking docker container ports)

Anyone knows how to prevent docker from oppening holes in my firewall?