enowars / bambictf

Ansible/Packer/Terraform setup for our Bambi CTF on Hetzner Cloud
MIT License
13 stars 3 forks

Consider setting iptables to false in docker daemon.json on the Vulnbox #73

Open ldruschk opened 1 month ago

ldruschk commented 1 month ago

During Enowars 8, while everything was working as expected w.r.t. Docker networking on the vulnboxes, we did not actually understand why in some cases. Thus we should evaluate whether we can simply set iptables to false and let the docker-proxy handle everything to get rid of the complexity related to Docker iptables.

Trolldemorted commented 1 month ago

Reference at https://docs.docker.com/reference/cli/dockerd/ says

Be aware that disabling this option requires you to manually add iptables rules to expose container ports. If you prevent Docker from adding iptables rules, Docker also doesn't add IP masquerading rules, even if you set --ip-masq to true. Without IP masquerading rules, Docker containers can't connect to external hosts or the internet when using network other than default bridge.

ldruschk commented 1 month ago

It should still work due to the docker-proxy process, but the documentation for that is really lacking. The only thing that should break is connections between containers which are not connected to the same bridge, but that should not be a problem but instead even desirable.
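To evaluate the proposal concretely, it helps to see what dockerd actually owns in the host firewall before flipping the switch. The script below is an added example written for this thread, not code from the bambictf repository: it parses `iptables-save` output, picks out the `DOCKER*` chains, the per-bridge `MASQUERADE` rules and the `DNAT` rules behind published ports (exactly the rules the quoted docs say go away with `"iptables": false`), and produces the merged `daemon.json`. The `iptables-save` text is a constructed sample with made-up bridge names and addresses, and all function names are my own; the `iptables` daemon.json key is the real one discussed above.

```python
import json
import re

# Constructed sample of `iptables-save` on a host where dockerd manages iptables
# (the default). Not captured from a real vulnbox; bridge name and addresses are
# invented, with one container publishing tcp/8080 on a user-defined network.
SAMPLE_IPTABLES_SAVE = """\
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A POSTROUTING -s 172.18.0.0/16 ! -o br-0123456789ab -j MASQUERADE
-A POSTROUTING -s 172.18.0.2/32 -d 172.18.0.2/32 -p tcp -m tcp --dport 8080 -j MASQUERADE
-A DOCKER -i docker0 -j RETURN
-A DOCKER -i br-0123456789ab -j RETURN
-A DOCKER ! -i br-0123456789ab -p tcp -m tcp --dport 8080 -j DNAT --to-destination 172.18.0.2:8080
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:DOCKER - [0:0]
:DOCKER-ISOLATION-STAGE-1 - [0:0]
:DOCKER-ISOLATION-STAGE-2 - [0:0]
:DOCKER-USER - [0:0]
-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION-STAGE-1
-A FORWARD -o docker0 -j DOCKER
-A DOCKER -d 172.18.0.2/32 ! -i br-0123456789ab -o br-0123456789ab -p tcp -m tcp --dport 8080 -j ACCEPT
-A DOCKER-USER -j RETURN
COMMIT
"""

# Egress masquerade for a whole bridge network; the hairpin (-s X -d X) rule
# for a published port deliberately does not match this pattern.
MASQ_RE = re.compile(r"^-A POSTROUTING -s (\S+) ! -o (\S+) -j MASQUERADE$")
# DNAT for a published port inside the nat DOCKER chain.
DNAT_RE = re.compile(r"-p (\w+) .*--dport (\d+) -j DNAT --to-destination (\S+)")


def docker_iptables_footprint(iptables_save_text):
    """Return the parts of an iptables-save dump that dockerd normally owns:
    its chains per table, bridge masquerade rules and published-port DNATs."""
    table = None
    chains = {}        # table name -> list of DOCKER* chains
    masquerade = []    # (source cidr, bridge interface)
    published = []     # (proto, host port, container addr:port)
    for line in iptables_save_text.splitlines():
        if line.startswith("*"):
            table = line[1:]
        elif line.startswith(":") and table is not None:
            name = line[1:].split()[0]
            if name.startswith("DOCKER"):
                chains.setdefault(table, []).append(name)
        elif table == "nat" and line.startswith("-A"):
            m = MASQ_RE.match(line)
            if m:
                masquerade.append((m.group(1), m.group(2)))
            m = DNAT_RE.search(line)
            if m and line.startswith("-A DOCKER "):
                published.append((m.group(1), int(m.group(2)), m.group(3)))
    return {
        "docker_chains": {t: sorted(c) for t, c in chains.items()},
        "masquerade": masquerade,
        "published_ports": published,
    }


def docker_manages_iptables(iptables_save_text):
    """True if any dockerd-owned chain exists, i.e. "iptables" is still on."""
    return bool(docker_iptables_footprint(iptables_save_text)["docker_chains"])


def manual_rules_needed(footprint):
    """Per the dockerd docs quoted in this thread, the rules dockerd stops
    creating with "iptables": false and an operator has to account for."""
    items = [f"port publish {p}/{port} -> {dest}"
             for p, port, dest in footprint["published_ports"]]
    items += [f"masquerade {src} (bridge {br})"
              for src, br in footprint["masquerade"]]
    return items


def daemon_config_with_iptables_disabled(existing_json):
    """Merge "iptables": false into the current daemon.json text ("{}" if none)
    and return the resulting config as a dict."""
    cfg = json.loads(existing_json or "{}")
    cfg["iptables"] = False
    return cfg


if __name__ == "__main__":
    fp = docker_iptables_footprint(SAMPLE_IPTABLES_SAVE)
    print("dockerd manages iptables:", docker_manages_iptables(SAMPLE_IPTABLES_SAVE))
    for item in manual_rules_needed(fp):
        print("  would need manual handling:", item)
    print(json.dumps(daemon_config_with_iptables_disabled('{"log-driver": "json-file"}'), indent=2))
```

On a real vulnbox you would feed it `iptables-save` output captured before the change and then re-run it after restarting dockerd with the new daemon.json: an empty `docker_chains` result confirms dockerd stopped touching the firewall, and the `manual_rules_needed` list is what has to be either covered by docker-proxy (the claim made above) or replaced by hand, which is the thing to test per service during the evaluation.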