Google Git
Sign in
fuchsia / third_party / github.com / docker / docker / refs/tags/v19.03.4^1..refs/tags/v19.03.4 / .
commitadfac697dc5b74998c6a5229f1e4e9b2e0406af4[log] [tgz]
authorAndrew Hsu <andrewhsu@docker.com>Fri Oct 11 14:19:53 2019 -0700
committerGitHub <noreply@github.com>Fri Oct 11 14:19:53 2019 -0700
tree3cdea1f96116a1e976e52213f418fc59057d698c
parent5787ef7e9ce5951582ec51111b253184ef1cb2f3 [diff]
parent54a58760b6f0b3e50d6a592525413ac6599570a4 [diff]
Merge pull request #404 from thaJeztah/19.03_revert_iptables_check2

[19.03 backport] revert controller: Check if IPTables is enabled for arrangeUserFilterRule ENGCORE-1114
diff --git a/hack/dockerfile/install/proxy.installer b/hack/dockerfile/install/proxy.installer
index 1a0086f..26bf89a 100755
--- a/hack/dockerfile/install/proxy.installer
+++ b/hack/dockerfile/install/proxy.installer

@@ -3,7 +3,7 @@
 # LIBNETWORK_COMMIT is used to build the docker-userland-proxy binary. When
 # updating the binary version, consider updating github.com/docker/libnetwork
 # in vendor.conf accordingly
-LIBNETWORK_COMMIT=45c710223c5fbf04dc3028b9a90b51892e36ca7f
+LIBNETWORK_COMMIT=3eb39382bfa6a3c42f83674ab080ae13b0e34e5d # bump_19.03 branch
 
 install_proxy() {
 	case "$1" in

diff --git a/vendor.conf b/vendor.conf
index 2942c3a..3c05d45 100644
--- a/vendor.conf
+++ b/vendor.conf

@@ -38,7 +38,7 @@
 # libnetwork
 
 # When updating, also update LIBNETWORK_COMMIT in hack/dockerfile/install/proxy.installer accordingly
-github.com/docker/libnetwork                        45c710223c5fbf04dc3028b9a90b51892e36ca7f
+github.com/docker/libnetwork                        3eb39382bfa6a3c42f83674ab080ae13b0e34e5d # bump_19.03 branch
 github.com/docker/go-events                         9461782956ad83b30282bf90e31fa6a70c255ba9
 github.com/armon/go-radix                           e39d623f12e8e41c7b5529e9a9dd67a1e2261f80
 github.com/armon/go-metrics                         eb0af217e5e9747e41dd5303755356b62d28e3ec

diff --git a/vendor/github.com/docker/libnetwork/firewall_linux.go b/vendor/github.com/docker/libnetwork/firewall_linux.go
index d27f60c..54f9621 100644
--- a/vendor/github.com/docker/libnetwork/firewall_linux.go
+++ b/vendor/github.com/docker/libnetwork/firewall_linux.go

@@ -2,7 +2,6 @@
 
 import (
 	"github.com/docker/libnetwork/iptables"
-	"github.com/docker/libnetwork/netlabel"
 	"github.com/sirupsen/logrus"
 )
 
@@ -10,44 +9,15 @@
 
 func (c *controller) arrangeUserFilterRule() {
 	c.Lock()
-
-	if c.hasIPTablesEnabled() {
-		arrangeUserFilterRule()
-	}
-
+	arrangeUserFilterRule()
 	c.Unlock()
-
 	iptables.OnReloaded(func() {
 		c.Lock()
-
-		if c.hasIPTablesEnabled() {
-			arrangeUserFilterRule()
-		}
-
+		arrangeUserFilterRule()
 		c.Unlock()
 	})
 }
 
-func (c *controller) hasIPTablesEnabled() bool {
-	// Locking c should be handled in the calling method.
-	if c.cfg == nil || c.cfg.Daemon.DriverCfg[netlabel.GenericData] == nil {
-		return false
-	}
-
-	genericData, ok := c.cfg.Daemon.DriverCfg[netlabel.GenericData]
-	if !ok {
-		return false
-	}
-
-	optMap := genericData.(map[string]interface{})
-	enabled, ok := optMap["EnableIPTables"].(bool)
-	if !ok {
-		return false
-	}
-
-	return enabled
-}
-
 // This chain allow users to configure firewall policies in a way that persists
 // docker operations/restarts. Docker will not delete or modify any pre-existing
 // rules from the DOCKER-USER filter chain.