Nope, I just tested and the rootful podman service doesn’t touch any iptables/firewall rules.
It uses what is called a “CNI”, container network interface, to manage container networking rather than just overwriting all the iptables rules like docker does.
Yeah that’s a gripe of mine. Thankfully podman doesn’t do that.
Docker also sometimes breaks lxd and libvirt networking by changing the default forward policy from accept to drop.
I think podman by default does do that, but it’s easy to disable almost all of it, at least.
Nope, I just tested and the rootful podman service doesn’t touch any iptables/firewall rules.
It uses what is called a “CNI”, container network interface, to manage container networking rather than just overwriting all the iptables rules like docker does.