0055332bde
With the new default since Wallaby, starting Docker makes it
enable forwarding and not filter it at all.
This may pose a security risk and should be mitigated.
Closes-Bug: #1931615
Change-Id: I5129136c066489fdfaa4d93741c22e5010b7e89d
(cherry picked from commit 0fa4ee56eb)
10 lines
364 B
YAML
10 lines
364 B
YAML
---
|
|
fixes:
|
|
- |
|
|
Adds a new flag, ``docker_disable_ip_forward``, which
|
|
defaults to ``no`` and can be used (by setting ``yes``) to
|
|
disable docker's ``ip-forward`` option which makes docker set
|
|
``net.ipv4.ip_forward`` sysctl to ``1``.
|
|
This is to protect from creating all-forwarding hosts.
|
|
`LP#1931615 <https://launchpad.net/bugs/1931615>`__
|