Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

What step adds docker-related iptables rules #676

Open
maxpavlov opened this issue Mar 12, 2023 · 1 comment
Open

What step adds docker-related iptables rules #676

maxpavlov opened this issue Mar 12, 2023 · 1 comment

Comments

@maxpavlov
Copy link

I am building from arm64 branch with a custom stage. Standard stages I use are only stage1 and stage2.

A newly installed os has several entries for docker in it's iptables ipv4 rule file, like this:

-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION-STAGE-1
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT

This seems redundant if I am never planning to use docker on the Pi. How can I remove these redundant rules from being added? Thank you.

P.S. Maybe something in my custom stage is adding these, some package I am installing, so feel free to simply tell me it's on my side, and standard stages don't result in these being added. Thanks.
@XECDesign
Copy link
Member

It's not something we're doing explicitly and I can't find it in our images. I think something you're installing is adding those rules.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@maxpavlov @XECDesign