CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 18:22:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

disable docker from managing iptables

Browse Source
This commit is contained in:
m0duspwnens
2022-12-22 13:26:10 -05:00
parent b4908e2bb9
commit 90882ce1db
2 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
salt/docker/files/iptables-disabled.conf Normal file
View File

@@ -0,0 +1,3 @@
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --iptables=false

11
salt/docker/init.sls
View File

@@ -20,6 +20,17 @@ dockerheldpackages:
- hold: True - hold: True
- update_holds: True - update_holds: True
#disable docker from managing iptables
iptables_disabled:
file.managed:
- name: /etc/systemd/system/docker.service.d/iptables-disabled.conf
- source: salt://docker/files/iptables-disabled.conf
- makedirs: True
cmd.run:
- name: systemctl daemon-reload
- onchanges:
- file: iptables_disabled
# Make sure etc/docker exists # Make sure etc/docker exists
dockeretc: dockeretc:
file.directory: file.directory: