From 87b7aeca1e2286950576fe0384404a33b9b8732b Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Mon, 9 May 2016 21:35:11 +0000 Subject: [PATCH] Nobody asked docker to override dns servers, yet it does Signed-off-by: Patrick Uiterwijk --- roles/base/templates/iptables/iptables.osbs-stg | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/base/templates/iptables/iptables.osbs-stg b/roles/base/templates/iptables/iptables.osbs-stg index 2b1c80e49b..219164c0b9 100644 --- a/roles/base/templates/iptables/iptables.osbs-stg +++ b/roles/base/templates/iptables/iptables.osbs-stg @@ -40,6 +40,10 @@ -A OUTPUT -p udp -m udp -d 10.5.126.21 --dport 53 -j ACCEPT -A OUTPUT -p udp -m udp -d 10.5.126.22 --dport 53 -j ACCEPT +# Docker is CRAZY and forces Google DNS upon us..... +-A OUTPUT -p udp -m udp -d 8.8.8.8 --dport 53 -j ACCEPT +-A OUTPUT -p udp -m udp -d 8.8.4.4 --dport 53 -j ACCEPT + # bastion smtp -A OUTPUT -p tcp -m tcp -d 10.5.126.12 --dport 25 -j ACCEPT