Permalink
Browse files
Remove SNAT rule that made container traffic look like it was coming …
- Loading branch information...
Showing
with
1 addition
and
5 deletions.
-
+1
−5
worker/provisioner/lxc-broker.go
|
|
@@ -228,11 +228,7 @@ var iptablesRules = map[string]IptablesRule{ |
|
|
// need to check whether the rule exists because we only want to
|
|
|
// add it once. Exit code 0 means the rule exists, 1 means it
|
|
|
// doesn't
|
|
|
- "iptablesSNAT": {
|
|
|
- "nat",
|
|
|
- "POSTROUTING",
|
|
|
- "-o {{.HostIF}} -j SNAT --to-source {{.HostIP}}",
|
|
|
- }, "iptablesForwardOut": {
|
|
|
+ "iptablesForwardOut": {
|
|
|
// Ensure that we have ACCEPT rules that apply to the containers
|
|
|
// that we are creating so any DROP rules further down the chain
|
|
|
// don't disrupt wanted traffic.
|
|
|
|
0 comments on commit
7e7bc9d