container/podman
container/podman
1
0
Fork 0
mirror of https://github.com/containers/podman synced 2024-10-19 08:44:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

network create should use firewall plugin

Browse source 
when creating a network, podman should add the firewall plugin to the config but not specify a backend.  this will allow cni to determine whether it should use an iptables|firewalld backend.

Signed-off-by: Brent Baude <bbaude@redhat.com>
This commit is contained in:
Brent Baude 2020-02-27 14:39:31 -06:00
parent cfd4060890
commit 6c97e0d5c1
2 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
pkg/adapter/network.go
View file

@ -209,6 +209,7 @@ func (r *LocalRuntime) NetworkCreateBridge(cli *cliconfig.NetworkCreateValues) (
bridge := network.NewHostLocalBridge(bridgeDeviceName, isGateway, false, ipMasq, ipamConfig)
plugins = append(plugins, bridge)
plugins = append(plugins, network.NewPortMapPlugin())
plugins = append(plugins, network.NewFirewallPlugin())
// if we find the dnsname plugin, we add configuration for it
if network.HasDNSNamePlugin(runtimeConfig.CNIPluginDir) && !cli.DisableDNS {
// Note: in the future we might like to allow for dynamic domain names

1
pkg/network/netconflist.go
View file

@ -110,7 +110,6 @@ func NewPortMapPlugin() PortMapConfig {
func NewFirewallPlugin() FirewallConfig {
return FirewallConfig{
PluginType: "firewall",
Backend: "iptables",
}
}