Merge pull request #44 from CodeNow/remove-iptable

Nathan219 · web-flow · commit 3fd3c7e00ba8 · 2017-03-10T17:08:19.000-08:00
Remove iptable
diff --git a/lib/iptables.sh b/lib/iptables.sh
@@ -12,10 +12,10 @@ iptables::run_rules() {
 
   # drop all new traffic from container ip to runnable infra
   iptables -I FORWARD -s ${DOCKER_NETWORK} -d 10.0.0.0/8 -m state --state NEW -j DROP
-  # log container traffic for PSAD
-  iptables -I FORWARD -s ${DOCKER_NETWORK} -j LOG
+
   # drop all local container to container traffic
   iptables -I FORWARD -s ${DOCKER_NETWORK} -d ${DOCKER_NETWORK} -j DROP
+
   # allow consul access (should be before drop)
   iptables -I FORWARD -s ${DOCKER_NETWORK} -d ${CONSUL_HOSTNAME} -j ACCEPT
 
