diff --git a/cmd/drone-docker/main.go b/cmd/drone-docker/main.go
index f6448c2d..7eb8ffde 100644
--- a/cmd/drone-docker/main.go
+++ b/cmd/drone-docker/main.go
@@ -103,6 +103,11 @@ func main() {
 			Usage:  "docker daemon executes in debug mode",
 			EnvVar: "PLUGIN_DEBUG,DOCKER_LAUNCH_DEBUG",
 		},
+		cli.BoolTFlag{
+			Name:   "daemon.iptables",
+			Usage:  "docker daemon enable addition of iptables rules",
+			EnvVar: "PLUGIN_IPTABLES_OFF",
+		},
 		cli.BoolFlag{
 			Name:   "daemon.off",
 			Usage:  "don't start the docker daemon",
@@ -285,6 +290,7 @@ func run(c *cli.Context) error {
 			Disabled:      c.Bool("daemon.off"),
 			IPv6:          c.Bool("daemon.ipv6"),
 			Debug:         c.Bool("daemon.debug"),
+			IPTablesOff:   c.Bool("daemon.iptables"),
 			Bip:           c.String("daemon.bip"),
 			DNS:           c.StringSlice("daemon.dns"),
 			DNSSearch:     c.StringSlice("daemon.dns-search"),
diff --git a/docker.go b/docker.go
index 90301c28..c17489c1 100644
--- a/docker.go
+++ b/docker.go
@@ -20,6 +20,7 @@ type (
 		StoragePath   string   // Docker daemon storage path
 		Disabled      bool     // DOcker daemon is disabled (already running)
 		Debug         bool     // Docker daemon started in debug mode
+		IPTablesOff   bool     // docker daemon enable/disable addition of iptables rules
 		Bip           string   // Docker daemon network bridge IP address
 		DNS           []string // Docker daemon dns server
 		DNSSearch     []string // Docker daemon dns search domain
@@ -370,6 +371,9 @@ func commandDaemon(daemon Daemon) *exec.Cmd {
 	if daemon.Experimental {
 		args = append(args, "--experimental")
 	}
+	if daemon.IPTablesOff {
+		args = append(args, "--iptables=false")
+	}
 	return exec.Command(dockerdExe, args...)
 }