I am building from arm64 branch with a custom stage. Standard stages I use are only stage1 and stage2.
A newly installed os has several entries for docker in it's iptables ipv4 rule file, like this:
-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION-STAGE-1
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
This seems redundant if I am never planning to use docker on the Pi. How can I remove these redundant rules from being added? Thank you.
P.S. Maybe something in my custom stage is adding these, some package I am installing, so feel free to simply tell me it's on my side, and standard stages don't result in these being added. Thanks.
I am building from arm64 branch with a custom stage. Standard stages I use are only stage1 and stage2.
A newly installed os has several entries for docker in it's iptables ipv4 rule file, like this:
This seems redundant if I am never planning to use docker on the Pi. How can I remove these redundant rules from being added? Thank you.
P.S. Maybe something in my custom stage is adding these, some package I am installing, so feel free to simply tell me it's on my side, and standard stages don't result in these being added. Thanks.