Podman is moving from CNI to netavark. Netavark currently supports only iptables, so I was in touch some time ago with the mainstream maintainer and provided a "none" firewall driver - to make it possible to use netavark without firewalling features. The driver cannot be selected at this time without the environment variable that selects it, so I made a config file for OpenWrt and a wrapper script that takes advantage of it. Available options are iptables, nftables and none - but selecting nftables just tells the user that nftables isn't yet supported.

The firewall "none" driver is not yet included in a release, so that's why we use the git version instead. I chose the latest commit instead of the commit with the none driver.

Description: Netavark is a Rust-based network stack for containers. It is being designed to work with Podman but is also applicable for other OCI container management applications.

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
6 lines
164 B
Bash
Executable file
#!/bin/sh
FW_DRIVER=$(uci -q get 'netavark.@firewall[0].driver')
[ -z "$FW_DRIVER" ] && FW_DRIVER="none"
NETAVARK_FW="$FW_DRIVER" /usr/lib/podman/netavark-bin $@
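Review bot: `$@` on the final line is unquoted, so any argument containing whitespace or glob characters is re-split and expanded by the shell before it reaches `netavark-bin`; use `"$@"`, and consider prefixing the call with `exec` so the wrapper does not sit between podman and netavark for signals and exit status. The value read from `netavark.@firewall[0].driver` is also passed into `NETAVARK_FW` unchecked: the commit message lists iptables, nftables and none as the only options, so a `case` that rejects anything else with an error would catch a typo in the UCI config here instead of leaving it to the binary. Finally, `[ -z "$FW_DRIVER" ] && FW_DRIVER="none"` means a missing or empty config silently runs containers without firewalling; that default deserves a comment in the script or a note in the shipped config file so the operator knows it is the fallback.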