Where is /etc/default/docker in the Docker snap?

Hi everyone,

I just started experimenting with Docker and am now trying the snap version. Currently Docker doesn’t respect UFW unless you add following line to /etc/default/docker

DOCKER_OPTS="–iptables=false"

However I can’t for my life find out where this config file lives in a snappy world.

More info: https://www.techrepublic.com/article/how-to-fix-the-docker-and-ufw-security-flaw/

There is not a /etc/default/docker file for the snap, but you can edit the daemon.json to include the iptables key i.e.

{
    "log-level":        "error",
    "storage-driver":   "overlay2",
    "iptables": false
}

however this will have other side effects and as such is not recommended by the upstream docker docs:

It is possible to set the iptables key to false in the Docker engine’s configuration file at /etc/docker/daemon.json , but this option is not appropriate for most users. It is not possible to completely prevent Docker from creating iptables rules, and creating them after-the-fact is extremely involved and beyond the scope of these instructions. Setting iptables to false will more than likely break container networking for the Docker engine.

Thanks for your fast reply and sorry for my slow one :slight_smile: After reading up on this I will take your advice and not mess with Dockers iptables. It seems more trouble than its worth.