Disable docker's ip-forward when iptables disabled
With the new default since Wallaby, starting Docker makes it
enable forwarding and not filter it at all.
This may pose a security risk and should be mitigated.
Closes-Bug: #1931615
Change-Id: I5129136c066489fdfaa4d93741c22e5010b7e89d
(cherry picked from commit 0fa4ee56eb86eb7d4b4e3bb9d9c9993f6906c1bd)
Reviewed: https:/ /review. opendev. org/c/openstack /kolla- ansible/ +/796223 /opendev. org/openstack/ kolla-ansible/ commit/ eb4815345a1af33 372da52f39c5cf6 696b2f903f
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/wallaby
commit eb4815345a1af33 372da52f39c5cf6 696b2f903f
Author: Radosław Piliszek <email address hidden>
Date: Thu Jun 10 17:26:38 2021 +0000
Disable docker's ip-forward when iptables disabled
With the new default since Wallaby, starting Docker makes it
enable forwarding and not filter it at all.
This may pose a security risk and should be mitigated.
Closes-Bug: #1931615 fdfaa4d93741c22 e5010b7e89d d4b4e3bb9d9c999 3f6906c1bd)
Change-Id: I5129136c066489
(cherry picked from commit 0fa4ee56eb86eb7