Pin iptables to 1.8.9 (legacy)

With Alpine 3.19, iptables gets bumped to 1.8.10 which uses nftables.
The host OS still uses iptables 1.8.7 (legacy), and we should
use legacy as well until the OS uses nftables.

See: https://balena.zulipchat.com/#narrow/stream/345889-balena-io.2Fos/topic/iptables.20host.20vs.2E.20nftables.20Supervisor
Change-type: patch
Signed-off-by: Christina Ying Wang <christina@balena.io>
This commit is contained in:
Christina Ying Wang 2024-03-18 14:14:58 -07:00
parent 8b173918ea
commit 3d881347e7

View File

@ -58,7 +58,6 @@ RUN apt-get update && apt-get install -y --no-install-recommends systemd
COPY ./build-utils/setup-journal.sh /
RUN /setup-journal.sh
###################################################
# Extra dependencies. This uses alpine 3.11 as the
# procmail package was removed on 3.12
@ -92,14 +91,18 @@ COPY mount-partitions.sh .
# Runtime dependencies
RUN apk add --update --no-cache \
$NODE \
iptables \
ip6tables \
rsync \
dbus \
dmidecode \
sqlite-libs \
lsblk
# Iptables should be pinned to 1.8.9 (legacy) as balenaOS still uses iptables-legacy
RUN apk add --update --no-cache \
--repository=http://dl-cdn.alpinelinux.org/alpine/v3.18/main \
iptables~=1.8.9 \
ip6tables~=1.8.9
ARG ARCH
ARG VERSION=master
ENV LED_FILE=/dev/null \