From bb0472bd23806327a1ff1ea87343a6a0cadc21e9 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Mon, 22 Jul 2019 17:22:13 +0200
Subject: [PATCH] Dockerfile: switch to iptables-legacy to match the host

CI runs on Ubuntu 16.04 machines, which use iptables (legacy), but
Debian buster uses nftables. Because of this, DNS resolution does not
work if the daemon configures iptables.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 Dockerfile | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index 638fa32328..87eed4ea89 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -284,6 +284,11 @@ RUN --mount=type=cache,sharing=locked,id=moby-dev-aptlib,target=/var/lib/apt \
             zip
 
 
+# Switch to use iptables instead of nftables (to match the host machine)
+RUN update-alternatives --set iptables  /usr/sbin/iptables-legacy  || true \
+ && update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy || true \
+ && update-alternatives --set arptables /usr/sbin/arptables-legacy || true
+
 RUN pip3 install yamllint==1.16.0
 
 COPY --from=dockercli     /build/ /usr/local/cli