Merge pull request #398 from thaJeztah/19.03_rollback_libnetwork
[19.03] roll-back libnetwork iptables forward policy change [DESKTOP-1934]
diff --git a/hack/dockerfile/install/proxy.installer b/hack/dockerfile/install/proxy.installer
index 8a3b013..1a0086f 100755
--- a/hack/dockerfile/install/proxy.installer
+++ b/hack/dockerfile/install/proxy.installer
@@ -3,7 +3,7 @@
# LIBNETWORK_COMMIT is used to build the docker-userland-proxy binary. When
# updating the binary version, consider updating github.com/docker/libnetwork
# in vendor.conf accordingly
-LIBNETWORK_COMMIT=96bcc0dae898308ed659c5095526788a602f4726
+LIBNETWORK_COMMIT=45c710223c5fbf04dc3028b9a90b51892e36ca7f
install_proxy() {
case "$1" in
diff --git a/vendor.conf b/vendor.conf
index 3538f85..2942c3a 100644
--- a/vendor.conf
+++ b/vendor.conf
@@ -38,7 +38,7 @@
# libnetwork
# When updating, also update LIBNETWORK_COMMIT in hack/dockerfile/install/proxy.installer accordingly
-github.com/docker/libnetwork 96bcc0dae898308ed659c5095526788a602f4726
+github.com/docker/libnetwork 45c710223c5fbf04dc3028b9a90b51892e36ca7f
github.com/docker/go-events 9461782956ad83b30282bf90e31fa6a70c255ba9
github.com/armon/go-radix e39d623f12e8e41c7b5529e9a9dd67a1e2261f80
github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec
diff --git a/vendor/github.com/docker/libnetwork/drivers/bridge/setup_ip_forwarding.go b/vendor/github.com/docker/libnetwork/drivers/bridge/setup_ip_forwarding.go
index 3db12bf..10f61a1 100644
--- a/vendor/github.com/docker/libnetwork/drivers/bridge/setup_ip_forwarding.go
+++ b/vendor/github.com/docker/libnetwork/drivers/bridge/setup_ip_forwarding.go
@@ -34,11 +34,11 @@
if err := configureIPForwarding(true); err != nil {
return fmt.Errorf("Enabling IP forwarding failed: %v", err)
}
- }
-
- // Set the default policy on forward chain to drop only if the
- // daemon option iptables is not set to false.
- if enableIPTables {
+ // When enabling ip_forward set the default policy on forward chain to
+ // drop only if the daemon option iptables is not set to false.
+ if !enableIPTables {
+ return nil
+ }
if err := iptables.SetDefaultPolicy(iptables.Filter, "FORWARD", iptables.Drop); err != nil {
if err := configureIPForwarding(false); err != nil {
logrus.Errorf("Disabling IP forwarding failed, %v", err)