Prevent docket from setting Forward policy to DROP #39439
Description
Description
Steps to reproduce the issue:
- iptables -P FORWARD ACCEPT
- systemctl start docker
Describe the results you received:
FORWARD policy is DROP
Describe the results you expected:
FORWARD policy remains ACCEPT
Additional information you deem important (e.g. issue happens only occasionally):
This breaks networking in LXD and Libvirt (Qemu) NAT running on the same host.
Output of docker version:
Docker version 18.09.6-ce, build 481bc77156
Output of docker info:
Containers: 2
Running: 2
Paused: 0
Stopped: 0
Images: 10
Server Version: 18.09.6-ce
Storage Driver: btrfs
Build Version: Btrfs v4.20.2
Library Version: 102
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 894b81a4b802e4eb2a91d1ce216b8817763c29fb.m
runc version: 425e105d5a03fabd737a126ad93d62a9eeede87f
init version: fec3683
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 5.1.7-arch1-1-ARCH
Operating System: Arch Linux
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 5.308GiB
Name: alvmsrv
ID: 2HHR:ALYS:QSWZ:FB4S:AHHA:V5MC:77OA:2KJ5:CNTG:EJ6T:QDN3:U4OB
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Additional environment details (AWS, VirtualBox, physical, etc.):
Physical