I had a look at YaST Firewall for some reason and found there on at least 2 TW installs (more I didn’t check yet, all KDE plain vanilla without docker installed according to YaST Software Management) in YaST Firewall -> Interfaces a strange “docker0” interface with zone “docker”.
Although an interface can be removed a number of ways (YaST > Network Settings, manually removing interface files, etc) IMO if your Firewall doesn’t enable and match a zone to the interface, it’s not likely going to be doing anything… But you can check by running the following which lists your active interfaces
- Add firewalld zone for the docker0 interface. This is the
workaround for lack of nftables support in docker. Without that
additional zone, containers have no Internet connectivity.
(rhbz#1817022)
OK, deleting /usr/lib/firewalld/zones/docker-zone.xml does the job for the moment, most likely this interface will re-appear after the next update of firewalld. It’s simply rude to add random interfaces to the firewall on other peoples computers.
This “patch/hack” could be added when installing docker, no need to have that on machines that simply don’t need that.