Merge pull request #3801 from tianon/ip-forward

Add --ip-forward flag to daemon (enabled by default)
2022-11-09 12:21:53 -05:00 · 2014-01-28 11:17:45 -08:00 · 2014-01-28 11:17:45 -08:00 · 4ab59179e7
commit 4ab59179e7
parent d4ea6308fd cabe624c82
3 changed files with 12 additions and 0 deletions
--- a/config.go
+++ b/config.go
@ -13,6 +13,7 @@ type DaemonConfig struct {
 	EnableCors                  bool
 	Dns                         []string
 	EnableIptables              bool
+	EnableIpForward             bool
 	BridgeIface                 string
 	BridgeIp                    string
 	DefaultIp                   net.IP
@ -33,6 +34,7 @@ func ConfigFromJob(job *engine.Job) *DaemonConfig {
 		config.Dns = dns
 	}
 	config.EnableIptables = job.GetenvBool("EnableIptables")
+	config.EnableIpForward = job.GetenvBool("EnableIpForward")
 	if br := job.Getenv("BridgeIface"); br != "" {
 		config.BridgeIface = br
 	} else {
--- a/docker/docker.go
+++ b/docker/docker.go
@ -36,6 +36,7 @@ func main() {
 		flEnableCors         = flag.Bool([]string{"#api-enable-cors", "-api-enable-cors"}, false, "Enable CORS headers in the remote API")
 		flDns                = docker.NewListOpts(docker.ValidateIp4Address)
 		flEnableIptables     = flag.Bool([]string{"#iptables", "-iptables"}, true, "Disable docker's addition of iptables rules")
+		flEnableIpForward    = flag.Bool([]string{"#ip-forward", "-ip-forward"}, true, "Disable enabling of net.ipv4.ip_forward")
 		flDefaultIp          = flag.String([]string{"#ip", "-ip"}, "0.0.0.0", "Default IP address to use when binding container ports")
 		flInterContainerComm = flag.Bool([]string{"#icc", "-icc"}, true, "Enable inter-container communication")
 		flGraphDriver        = flag.String([]string{"s", "-storage-driver"}, "", "Force the docker runtime to use a specific storage driver")
@ -88,6 +89,7 @@ func main() {
 		job.SetenvBool("EnableCors", *flEnableCors)
 		job.SetenvList("Dns", flDns.GetAll())
 		job.SetenvBool("EnableIptables", *flEnableIptables)
+		job.SetenvBool("EnableIpForward", *flEnableIpForward)
 		job.Setenv("BridgeIface", *bridgeName)
 		job.Setenv("BridgeIp", *bridgeIp)
 		job.Setenv("DefaultIp", *flDefaultIp)
--- a/network.go
+++ b/network.go
@ -9,6 +9,7 @@ import (
 	"github.com/dotcloud/docker/pkg/netlink"
 	"github.com/dotcloud/docker/proxy"
 	"github.com/dotcloud/docker/utils"
+	"io/ioutil"
 	"log"
 	"net"
 	"strconv"
@ -500,6 +501,13 @@ func newNetworkManager(config *DaemonConfig) (*NetworkManager, error) {

 	}

+	if config.EnableIpForward {
+		// Enable IPv4 forwarding
+		if err := ioutil.WriteFile("/proc/sys/net/ipv4/ip_forward", []byte{'1', '\n'}, 0644); err != nil {
+			log.Printf("WARNING: unable to enable IPv4 forwarding: %s\n", err)
+		}
+	}
+
 	portMapper, err := newPortMapper(config)
 	if err != nil {
 		return nil, err