network create should use firewall plugin

when creating a network, podman should add the firewall plugin to the config but not specify a backend.  this will allow cni to determine whether it should use an iptables|firewalld backend.

Signed-off-by: Brent Baude <bbaude@redhat.com>

2 files changed, 1 insertions, 1 deletions

diff --git a/pkg/adapter/network.go b/pkg/adapter/network.go
index c5bd91534..b25f54a13 100644
--- a/pkg/adapter/network.go
+++ b/pkg/adapter/network.go
@@ -209,6 +209,7 @@ func (r *LocalRuntime) NetworkCreateBridge(cli *cliconfig.NetworkCreateValues) (
 	bridge := network.NewHostLocalBridge(bridgeDeviceName, isGateway, false, ipMasq, ipamConfig)
 	plugins = append(plugins, bridge)
 	plugins = append(plugins, network.NewPortMapPlugin())
+	plugins = append(plugins, network.NewFirewallPlugin())
 	// if we find the dnsname plugin, we add configuration for it
 	if network.HasDNSNamePlugin(runtimeConfig.CNIPluginDir) && !cli.DisableDNS {
 		// Note: in the future we might like to allow for dynamic domain names
diff --git a/pkg/network/netconflist.go b/pkg/network/netconflist.go
index a8217097a..34ff00024 100644
--- a/pkg/network/netconflist.go
+++ b/pkg/network/netconflist.go
@@ -110,7 +110,6 @@ func NewPortMapPlugin() PortMapConfig {
 func NewFirewallPlugin() FirewallConfig {
 	return FirewallConfig{
 		PluginType: "firewall",
-		Backend:    "iptables",
 	}
 }