Configure iptables forward policy when ip forwarding is enabled

Signed-off-by: Leonardo Nodari <me@leonardonodari.it>
suwang48404 · Sep 12, 2019 · d070217 · d070217
1 parent 92d1fbe
commit d070217
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/drivers/bridge/setup_ip_forwarding.go b/drivers/bridge/setup_ip_forwarding.go
@@ -34,11 +34,11 @@ func setupIPForwarding(enableIPTables bool) error {
 		if err := configureIPForwarding(true); err != nil {
 			return fmt.Errorf("Enabling IP forwarding failed: %v", err)
 		}
-		// When enabling ip_forward set the default policy on forward chain to
-		// drop only if the daemon option iptables is not set to false.
-		if !enableIPTables {
-			return nil
-		}
+	}
+
+	// Set the default policy on forward chain to drop only if the
+	// daemon option iptables is not set to false.
+	if enableIPTables {
 		if err := iptables.SetDefaultPolicy(iptables.Filter, "FORWARD", iptables.Drop); err != nil {
 			if err := configureIPForwarding(false); err != nil {
 				logrus.Errorf("Disabling IP forwarding failed, %v", err)