Univention Bugzilla – Bug 43318
20_docker.sh firewall: two inverse rules
Last modified: 2020-07-04 16:53:04 CEST
/etc/univention/templates/files/etc/security/packetfilter.d/20_docker.sh (lines 44-45):

    iptables -A FORWARD -i docker0 ! -o docker0 -j ACCEPT
    iptables -A FORWARD -i docker0 -o docker0 -j ACCEPT

This is either wrong or too complicated, in which case it should be simplified to prevent further questions.
This issue has been filed against UCS 4.2. UCS 4.2 is out of maintenance and many UCS components have changed in later releases. Thus, this issue is now being closed. If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen it and update the UCS version. In this case please provide detailed information on how this issue is affecting you.
Can someone please tell me what's happening here? As we're talking about a security feature here, it should be obvious what is wanted here.

By the way: I have observed it multiple times by now that the docker rules are duplicated after some time, that is, every rule exists multiple times. See Bug #50983 comment 2 for an example.
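Added example, not part of the bug report or of the UCS packetfilter code: a small audit over `iptables -S` output that flags both conditions discussed in this thread, rules loaded more than once and pairs of rules that differ only by a single "!" negation. The function names (audit_rules, append_once, sample_rules) and the sample rule listing are constructed for illustration.

```shell
#!/bin/sh
# Reads `iptables -S` style output on stdin and reports:
#   DUPLICATE - the same rule was appended more than once
#   INVERSE   - two rules identical except that one negates one match with "!"
# An INVERSE pair has the same target by construction, so it behaves like one
# rule without that match (here: -i docker0 -j ACCEPT), provided no rule
# between the two matches the same packets with a different verdict.
audit_rules() {
    awk '
    /^-A / {
        count[$0]++
        if (count[$0] == 1) order[++n] = $0   # remember first-seen order
    }
    END {
        for (i = 1; i <= n; i++) {
            rule = order[i]
            if (count[rule] > 1)
                printf "DUPLICATE x%d: %s\n", count[rule], rule
            m = split(rule, tok, " ")
            for (j = 1; j <= m; j++) {
                if (tok[j] != "!") continue
                # Rebuild the rule with this one "!" removed.
                plain = ""
                for (k = 1; k <= m; k++)
                    if (k != j) plain = plain (plain == "" ? "" : " ") tok[k]
                if (plain in count)
                    printf "INVERSE: %s <-> %s\n", rule, plain
            }
        }
    }'
}

# Idempotent append: -C checks whether the rule already exists, so running
# the script repeatedly does not stack copies. Usage: append_once FORWARD -i ...
append_once() {
    iptables -C "$@" 2>/dev/null || iptables -A "$@"
}

# Constructed sample; on a live host use: iptables -S FORWARD | audit_rules
sample_rules() {
    cat <<'EOF'
-P FORWARD ACCEPT
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
EOF
}

sample_rules | audit_rules
```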