Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Replace existing iptables handler with firewall code | Matthew Heon | 2018-09-10 |
| | | | | | | | | | | | | Use the new firewall code vendored from CNI to replace the existing iptables rule addition handler we had in place. This adds proper support for firewalld and should be much better at interacting with the firewall. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1431 Approved by: baude | ||
* | Vendor CNI plugins firewall code | Matthew Heon | 2018-09-10 |
The upstream CNI project has a PR open for adding iptables and firewalld support, but this has been stalled for the better part of a year upstream. On advice of several maintainers, we are vendoring this code into libpod, to perform the relevant firewall configuration ourselves. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1431 Approved by: baude |