fix the issue that the docker bridge no internet connection

package/base-files/files/etc/hotplug.d/net/51-docker

@@ -0,0 +1,6 @@
+#!/bin/sh
+
+[ "${ACTION}" = "add" ] || exit 0
+[ "${DEVICENAME}" = "docker0" ] || exit 0
+
+/usr/bin/setup_docker_firewall.sh start &

package/base-files/files/etc/sysctl.conf

@@ -1 +1,9 @@
 # Defaults are configured in /etc/sysctl.d/* and can be customized in this file
+#
+
+net.bridge.bridge-nf-call-ip6tables = 1
+net.bridge.bridge-nf-call-iptables = 1
+net.bridge.bridge-nf-call-arptables = 1
+
+net.ipv6.conf.default.forwarding=1
+net.ipv6.conf.all.forwarding=1

package/base-files/files/usr/bin/setup_docker_firewall.sh

@@ -0,0 +1,38 @@
+#!/bin/bash
+
+setup_docker_firewall() {
+	sleep 2
+	iptables -N DOCKER-MAN
+	iptables -I DOCKER-USER -j DOCKER-MAN
+	iptables -A DOCKER-MAN -i br-lan -o docker0 -j RETURN
+	iptables -A DOCKER-MAN -m conntrack --ctstate NEW,INVALID -o docker0 -j DROP
+	iptables -A DOCKER-MAN -m conntrack --ctstate ESTABLISHED,RELATED -o docker0 -j RETURN
+	iptables -A DOCKER-MAN -j RETURN
+}
+
+check_docker_status() {
+	iptables -L DOCKER-MAN -n >/dev/null 2>&1; ret=$?
+	if [ $ret -eq 0 ]; then
+		t_status="docker-fw: loaded"
+	else
+		t_status="docker-fw: inactive"
+	fi
+	return $ret
+}
+
+# ---------------------------------------------------------
+
+case $1 in
+start)
+	check_docker_status && { echo "$t_status"; exit 0; }
+	setup_docker_firewall
+	;;
+status)
+	check_docker_status;	 echo "$t_status"
+	;;
+*)
+	echo "$0 start|stop|status"
+	;;
+esac
+
+