forked from extern/shorewall_code
Add an ESTABLISHED,RELATED rule for docker0
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
35a22eedac
commit
5212dba7cb
@ -646,6 +646,7 @@ sub create_docker_rules() {
|
||||
add_commands( $chainref, 'if [ -n "$g_docker" ]; then' );
|
||||
incr_cmd_level( $chainref );
|
||||
add_ijump( $chainref, j => 'DOCKER', o => 'docker0' );
|
||||
add_ijump( $chainref, j => 'ACCEPT', o => 'docker0', state_imatch 'ESTABLISHED,RELATED' );
|
||||
add_ijump( $chainref, j => 'ACCEPT', i => 'docker0', o => '! docker0' );
|
||||
add_ijump( $chainref, j => 'ACCEPT', i => 'docker0', o => 'docker0' ) if $dockerref->{options}{routeback};
|
||||
add_ijump( $filter_table->{OUTPUT}, j => 'DOCKER' );
|
||||
|
Loading…
Reference in New Issue
Block a user