Skip to content

iptables: remove deprecated SCTP checksum rule#50539

Merged
robmry merged 1 commit intomoby:masterfrom
robmry:iptables_remove_unused_sctp_checksum
Jul 28, 2025
Merged

iptables: remove deprecated SCTP checksum rule#50539
robmry merged 1 commit intomoby:masterfrom
robmry:iptables_remove_unused_sctp_checksum

Conversation

@robmry
Copy link
Contributor

@robmry robmry commented Jul 28, 2025
edited by vvoland
Loading

- What I did

Since 28.0.0, an iptables rule related to SCTP has only been included if escape hatch variable DOCKER_IPTABLES_SCTP_CHECKSUM=1

Nobody's reported that the escape hatch was needed, and the rule it guards doesn't make sense. So, remove.

- How I did it

- How to verify it

- Human readable description for the release notes

- Since 28.0.0, an `iptables` mangle rule for checksumming SCTP was only added if environment variable `DOCKER_IPTABLES_SCTP_CHECKSUM=1` was set. The rule has now been removed, the environment variable now has no effect.

- A picture of a cute animal (not mandatory but encouraged)

@robmry
iptables: remove SCTP checksum rule
969b293 
Since 28.0.0, an iptables rule related to SCTP has only been
included if escape hatch variable DOCKER_IPTABLES_SCTP_CHECKSUM=1

Nobody's reported that the escape hatch was needed, and the rule
it guards doesn't make sense. So, remove.

Signed-off-by: Rob Murray <rob.murray@docker.com>
@robmry robmry added this to the 29.0.0 milestone Jul 28, 2025
@robmry robmry self-assigned this Jul 28, 2025
@robmry robmry added area/networking Networking impact/changelog kind/refactor PR's that refactor, or clean-up code area/networking/firewalling Networking labels Jul 28, 2025
@robmry robmry changed the title iptables: remove SCTP checksum rule iptables: remove deprecated SCTP checksum rule Jul 28, 2025
@robmry robmry marked this pull request as ready for review July 28, 2025 10:23
@robmry robmry assigned akerouanton and vvoland and unassigned akerouanton and vvoland Jul 28, 2025
@robmry robmry requested review from akerouanton and vvoland July 28, 2025 10:23
@robmry robmry merged commit 3555bb4 into moby:master Jul 28, 2025
336 of 340 checks passed
@robmry robmry deleted the iptables_remove_unused_sctp_checksum branch July 28, 2025 11:19
@dmcgowan dmcgowan mentioned this pull request Aug 6, 2025
Closed
@dmcgowan dmcgowan mentioned this pull request Sep 5, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@akerouanton akerouanton akerouanton approved these changes

@vvoland vvoland vvoland approved these changes

Assignees

@robmry robmry

Labels

area/networking/firewalling Networking area/networking Networking impact/changelog kind/refactor PR's that refactor, or clean-up code

Projects

None yet

Milestone

29.0.0

Development

Successfully merging this pull request may close these issues.

Remove escape-hatch for iptables rule for SCTP checksum fixup

3 participants

@robmry @akerouanton @vvoland