From 8cf2863c4a33503f586c40ab4b5bba51927d5fdf Mon Sep 17 00:00:00 2001
From: Chamhaw <9896402+chamhaw@users.noreply.github.com>
Date: Wed, 7 Sep 2022 16:01:14 +0800
Subject: [PATCH] add iptables option to the docker daemon

---
 cmd/drone-docker/main.go | 6 ++++++
 docker.go                | 4 ++++
 2 files changed, 10 insertions(+)

diff --git a/cmd/drone-docker/main.go b/cmd/drone-docker/main.go
index d467591d..c2f506dd 100644
--- a/cmd/drone-docker/main.go
+++ b/cmd/drone-docker/main.go
@@ -104,6 +104,11 @@ func main() {
 			Usage:  "docker daemon executes in debug mode",
 			EnvVar: "PLUGIN_DEBUG,DOCKER_LAUNCH_DEBUG",
 		},
+		cli.BoolFlag{
+			Name:   "daemon.iptables",
+			Usage:  "docker daemon disable addition of iptables rules if set to true. Default false",
+			EnvVar: "PLUGIN_IPTABLES_OFF",
+		},
 		cli.BoolFlag{
 			Name:   "daemon.off",
 			Usage:  "don't start the docker daemon",
@@ -321,6 +326,7 @@ func run(c *cli.Context) error {
 			Insecure:      c.Bool("daemon.insecure"),
 			Disabled:      c.Bool("daemon.off"),
 			IPv6:          c.Bool("daemon.ipv6"),
+			IPTablesOff:   c.Bool("daemon.iptables"),
 			Debug:         c.Bool("daemon.debug"),
 			Bip:           c.String("daemon.bip"),
 			DNS:           c.StringSlice("daemon.dns"),
diff --git a/docker.go b/docker.go
index 236065de..4e969bac 100644
--- a/docker.go
+++ b/docker.go
@@ -23,6 +23,7 @@ type (
 		Debug         bool     // Docker daemon started in debug mode
 		Bip           string   // Docker daemon network bridge IP address
 		DNS           []string // Docker daemon dns server
+		IPTablesOff   bool     // docker daemon enable/disable addition of iptables rules
 		DNSSearch     []string // Docker daemon dns search domain
 		MTU           string   // Docker daemon mtu setting
 		IPv6          bool     // Docker daemon IPv6 networking
@@ -482,6 +483,9 @@ func commandDaemon(daemon Daemon) *exec.Cmd {
 	if daemon.Experimental {
 		args = append(args, "--experimental")
 	}
+	if daemon.IPTablesOff {
+		args = append(args, "--iptables=false")
+	}
 	return exec.Command(dockerdExe, args...)
 }