check-config.sh should check for IPv6 features #49615
Description
Description
I've been having a lot of strange ip6tables related errors, I then realised check-config.sh does not check IP6_NF features.
$ sh check-config.sh | grep NF_FILTER
- CONFIG_IP_NF_FILTER: enabled
$ zcat /proc/config.gz | grep NF_FILTER
CONFIG_IP_NF_FILTER=y
# CONFIG_IP6_NF_FILTER is not set
Reproduce
With the following docker-compose.yml:
services:
some-server:
image: alpine
ports:
- 8000:8000
networks:
default:
enable_ipv6: true
voltagex@debian:~/docker/test$ docker compose up -d
[+] Running 2/2
✔ some-server Pulled 3.9s
✔ f18232174bc9 Already exists 0.0s
[+] Running 1/1
✘ Network test_default Error 0.0s
failed to create network test_default: Error response from daemon: Failed to Setup IP tables: Unable to enable SKIP DNAT rule: (iptables failed: ip6tables --wait -t nat -I DOCKER -i br-9c91f3e0c87c -j RETURN: ip6tables: No chain/target/match by that name.
(exit status 1))
Expected behavior
Docker is able to bring up the default network with ipv6 enabled.
docker version
Client: Docker Engine - Community
Version: 28.0.1
API version: 1.48
Go version: go1.23.6
Git commit: 068a01e
Built: Wed Feb 26 10:41:16 2025
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 28.0.1
API version: 1.48 (minimum version 1.24)
Go version: go1.23.6
Git commit: bbd0a17
Built: Wed Feb 26 10:41:16 2025
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.7.25
GitCommit: bcc810d6b9066471b0b6fa75f557a15a1cbf31bb
runc:
Version: 1.2.4
GitCommit: v1.2.4-0-g6c52b3f
docker-init:
Version: 0.19.0
GitCommit: de40ad0docker info
$ docker info
Client: Docker Engine - Community
Version: 28.0.1
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.21.1
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.33.1
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 21
Running: 0
Paused: 0
Stopped: 21
Images: 17
Server Version: 28.0.1
Storage Driver: btrfs
Btrfs:
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: bcc810d6b9066471b0b6fa75f557a15a1cbf31bb
runc version: v1.2.4-0-g6c52b3f
init version: de40ad0
Security Options:
seccomp
Profile: builtin
cgroupns
Kernel Version: 6.14.0-rc6
Operating System: Debian GNU/Linux trixie/sid
OSType: linux
Architecture: x86_64
CPUs: 32
Total Memory: 31.34GiB
Name: debian
ID: 95c7eb83-123c-47e1-9fda-c4b2f1ee877f
Docker Root Dir: /var/lib/docker
Debug Mode: true
File Descriptors: 24
Goroutines: 41
System Time: 2025-03-10T17:03:30.547215949+11:00
EventsListeners: 0
Username: voltagex
Experimental: false
Insecure Registries:
::1/128
127.0.0.0/8
Live Restore Enabled: falseAdditional Info
No response