cmspam
commented
8 months ago The latest docker file actually runs both in the container. Whichever one isn’t used should error out and whichever is should work.
Depending on the OS it can be different which is used so I did it that way for most compatibility.
On Sun, Feb 25, 2024 at 0:55 WebsliceNL @.***> wrote:
Is the iptables-legacy note in the docs maybe host OS dependent?
On AmazonLinux2023 iptables-legacy is not used by default by docker.
iptables-legacy -I DOCKER-USER -j ACCEPT iptables: No chain/target/match by that name.
ip6tables-legacy -I DOCKER-USER -j ACCEPT ip6tables: No chain/target/match by that name.
Looks like the DOCKER-USER chain is created in the new iptables tables, so I can just run;
iptables -I DOCKER-USER -j ACCEPT ip6tables -I DOCKER-USER -j ACCEPT
iptables -L |grep DOCKER-USER Warning: iptables-legacy tables present, use iptables-legacy to see them
DOCKER-USER all -- anywhere anywhere Chain DOCKER-USER (1 references)
— Reply to this email directly, view it on GitHub https://github.com/cmspam/incus-docker/issues/2, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAV7MGOWJ2THDNPUSX22JCLYVIEOFAVCNFSM6AAAAABDYDHAQSVHI2DSMVQWIX3LMV43ASLTON2WKOZSGE2TEMZXGQYTKOI . You are receiving this because you are subscribed to this thread.Message ID: @.***>
Is the iptables-legacy note in the docs maybe host OS dependent?
On AmazonLinux2023 iptables-legacy is not used by default by docker.
iptables-legacy -I DOCKER-USER -j ACCEPT iptables: No chain/target/match by that name.
ip6tables-legacy -I DOCKER-USER -j ACCEPT ip6tables: No chain/target/match by that name.
Looks like the DOCKER-USER chain is created in the new iptables tables, so I can just run;
iptables -I DOCKER-USER -j ACCEPT ip6tables -I DOCKER-USER -j ACCEPT
iptables -L |grep DOCKER-USER
Warning: iptables-legacy tables present, use iptables-legacy to see them
DOCKER-USER all -- anywhere anywhere
Chain DOCKER-USER (1 references)