From 7b41c8c00bc20f0a27f87bbf2c41d57d4c62cdc4 Mon Sep 17 00:00:00 2001
From: Brian Stack
Date: Thu, 23 Apr 2020 23:13:07 -0700
Subject: [PATCH] Drop invalid packets to deal with moby/libnetwork#1090
---
scripts/ubuntu-bionic/30-networking.sh | 12 ++++++++++++
1 file changed, 12 insertions(+)
create mode 100644 scripts/ubuntu-bionic/30-networking.sh
diff --git a/scripts/ubuntu-bionic/30-networking.sh b/scripts/ubuntu-bionic/30-networking.sh
new file mode 100644
index 0000000..89e5832
--- /dev/null
+++ b/scripts/ubuntu-bionic/30-networking.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+set -exv
+
+# init helpers
+helpers_dir=${MONOPACKER_HELPERS_DIR:-"/etc/monopacker/scripts"}
+. ${helpers_dir}/*.sh
+
+# https://github.com/moby/libnetwork/issues/1090
+retry apt install -y iptables-persistent
+iptables -I INPUT -m conntrack --ctstate INVALID -j DROP
+iptables-save > /etc/iptables/rules.v4
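Review bot: `iptables-save > /etc/iptables/rules.v4` on the last line persists the entire live IPv4 ruleset of the build host, not only the INVALID-drop rule inserted just above it, so any chains that exist at build time (for example ones created by a container runtime, if an earlier script has already installed one) would be baked into the image and restored on every boot. A comment above it such as `# snapshot of the full ruleset at image-build time; keep this script ahead of anything that adds dynamic rules` would document that ordering dependency, and it is worth stating there that only IPv4 is covered (no `ip6tables` rule, no `rules.v6`). Separately, `. ${helpers_dir}/*.sh` sources only the first file the glob matches and passes the remaining paths as positional parameters, so `retry` is defined only if it lives in that first file; `for f in "${helpers_dir}"/*.sh; do . "$f"; done` sources them all and also quotes the directory.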