1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
From: Arko Dasgupta <arko.dasgupta@docker.com>
Date: Fri, 1 Mar 2019 11:43:02 -0800
Subject: [PATCH] Revert "debian has iptables-legacy and iptables-nft now"
This reverts commit 7da66eea9f68e4abc83ed2892114ec565eddd66a.
Libnetwork should only use the iptables binary. Iptables v1.8 and above
uses the nftables backend. The translations for all the rules used by
libnetwork is supported by the new iptables binary.
Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
Origin: upstream, https://github.com/docker/libnetwork/pull/2343
---
libnetwork/iptables/iptables.go | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/libnetwork/iptables/iptables.go b/libnetwork/iptables/iptables.go
index 6a108e93d0..4b8d8832e9 100644
--- a/libnetwork/iptables/iptables.go
+++ b/libnetwork/iptables/iptables.go
@@ -87,16 +87,11 @@ func initFirewalld() {
}
func detectIptables() {
- path, err := exec.LookPath("iptables-legacy") // debian has iptables-legacy and iptables-nft now
+ path, err := exec.LookPath("iptables")
if err != nil {
- path, err = exec.LookPath("iptables")
- if err != nil {
- return
- }
+ return
}
-
iptablesPath = path
-
supportsXlock = exec.Command(iptablesPath, "--wait", "-L", "-n").Run() == nil
mj, mn, mc, err := GetVersion()
if err != nil {
|
