Package: docker.io Version: 18.09.1+dfsg1-5 Severity: important I run Docker on my laptop to allow me to test various environments, such as Debian stable. I also use ufw to provide a firewall to restrict access to most ports.
However, these two programs are incompatible. ufw uses the nftables-based iptables and restricts forwarding. Docker uses iptables-legacy, but because the nftables-based rules take precedence, forwarding doesn't occur, and hence networking is broken (TCP and UDP don't work). Since programs are going to increasingly use the regular iptables, it's important that Docker function with whatever option is the default. -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.19.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages docker.io depends on: ii adduser 3.118 ii iptables 1.8.2-3 ii libc6 2.28-6 ii libdevmapper1.02.1 2:1.02.155-2 ii libltdl7 2.4.6-9 ii libnspr4 2:4.20-1 ii libnss3 2:3.42-1 ii libseccomp2 2.3.3-3 ii libsystemd0 240-5 ii lsb-base 10.2018112800 ii runc 1.0.0~rc6+dfsg1-1 ii tini 0.18.0-1 Versions of packages docker.io recommends: ii ca-certificates 20190110 ii cgroupfs-mount 1.4 ii git 1:2.20.1+next.20190129-1 pn needrestart <none> ii xz-utils 5.2.4-1 Versions of packages docker.io suggests: pn aufs-tools <none> pn btrfs-progs <none> ii debootstrap 1.0.114 pn docker-doc <none> ii e2fsprogs 1.44.5-1 ii rinse 3.3 pn xfsprogs <none> pn zfs-fuse | zfsutils <none> -- no debconf information -- brian m. carlson: Houston, Texas, US OpenPGP: https://keybase.io/bk2204
signature.asc
Description: PGP signature
