https://bugzilla.redhat.com/show_bug.cgi?id=1033606



--- Comment #21 from Josh Poimboeuf <jpoim...@redhat.com> ---
(In reply to Marek Goldmann from comment #16)
> Thanks Josh!
> 
> It looks like the iptables rules creation in docker is wrong. It assumes
> that the bridge interface is started every time. I created a patch which can
> be found here:
> https://github.com/goldmann/docker/commit/0ff9bc1be3ae044107732c605986a0af20220134

AFAICT, the FORWARD rules only need to be created once, at bridge creation
time.  The bridge device and the FORWARD rules are never removed.  They can
then be re-used if the docker daemon exits and restarts.

It seems like somebody is either a) creating the bridge without creating the
rules or b) removing the rules without removing the bridge.  I still don't
understand what's happening here.

That said, the patch itself looks fine to me.  And it might be a good idea
anyway, to make sure the rules are always correct.

_______________________________________________
golang mailing list
golang@lists.fedoraproject.org
https://lists.fedoraproject.org/mailman/listinfo/golang
