Permalink
Browse files

Remove SNAT rule that made container traffic look like it was coming …

…from its host.
  • Loading branch information...
1 parent 1257d20 commit 7e7bc9d3ad436cf25fa725f54334527cea9cb938 @dooferlad dooferlad committed Apr 9, 2015
Showing with 1 addition and 5 deletions.
  1. +1 −5 worker/provisioner/lxc-broker.go
@@ -228,11 +228,7 @@ var iptablesRules = map[string]IptablesRule{
// need to check whether the rule exists because we only want to
// add it once. Exit code 0 means the rule exists, 1 means it
// doesn't
- "iptablesSNAT": {
- "nat",
- "POSTROUTING",
- "-o {{.HostIF}} -j SNAT --to-source {{.HostIP}}",
- }, "iptablesForwardOut": {
+ "iptablesForwardOut": {
// Ensure that we have ACCEPT rules that apply to the containers
// that we are creating so any DROP rules further down the chain
// don't disrupt wanted traffic.

0 comments on commit 7e7bc9d

Please sign in to comment.