@@ -3,7 +3,7 @@

 # LIBNETWORK_COMMIT is used to build the docker-userland-proxy binary. When

 # updating the binary version, consider updating github.com/docker/libnetwork

 # in vendor.conf accordingly

-: "${LIBNETWORK_COMMIT:=6b51d028f4bbb9a4cc8d3eaba13baa9f848af546}"

+: "${LIBNETWORK_COMMIT:=a543cbc4871f904b0efe205708eb45d72e65fd8b}"

 install_proxy() {

 	case "$1" in

@@ -47,7 +47,7 @@ github.com/grpc-ecosystem/go-grpc-middleware        3c51f7f332123e8be5a157c0802a

 # libnetwork

 # When updating, also update LIBNETWORK_COMMIT in hack/dockerfile/install/proxy.installer accordingly

-github.com/docker/libnetwork                        6b51d028f4bbb9a4cc8d3eaba13baa9f848af546 

+github.com/docker/libnetwork                        a543cbc4871f904b0efe205708eb45d72e65fd8b

 github.com/docker/go-events                         e31b211e4f1cd09aa76fe4ac244571fab96ae47f

 github.com/armon/go-radix                           e39d623f12e8e41c7b5529e9a9dd67a1e2261f80

 github.com/armon/go-metrics                         eb0af217e5e9747e41dd5303755356b62d28e3ec

@@ -1055,7 +1055,7 @@ func CreateOptionLoadBalancer() EndpointOption {

 // JoinOptionPriority function returns an option setter for priority option to

 // be passed to the endpoint.Join() method.

-func JoinOptionPriority(ep Endpoint, prio int) EndpointOption {

+func JoinOptionPriority(prio int) EndpointOption {

 	return func(ep *endpoint) {

 		// ep lock already acquired

 		c := ep.network.getController()

@@ -151,7 +151,7 @@ func (pm *PortMapper) MapRange(container net.Addr, hostIP net.IP, hostPortStart,

 	}

 	containerIP, containerPort := getIPAndPort(m.container)

-	if hostIP.To4() != nil || hostIP.To16() != nil {

+	if pm.checkIP(hostIP) {

 		if err := pm.AppendForwardingTableEntry(m.proto, hostIP, allocatedHostPort, containerIP.String(), containerPort); err != nil {

 			return nil, err

 		}

@@ -160,7 +160,7 @@ func (pm *PortMapper) MapRange(container net.Addr, hostIP net.IP, hostPortStart,

 	cleanup := func() error {

 		// need to undo the iptables rules before we return

 		m.userlandProxy.Stop()

-		if hostIP.To4() != nil || hostIP.To16() != nil {

+		if pm.checkIP(hostIP) {

 			pm.DeleteForwardingTableEntry(m.proto, hostIP, allocatedHostPort, containerIP.String(), containerPort)

 			if err := pm.Allocator.ReleasePort(hostIP, m.proto, allocatedHostPort); err != nil {

 				return err

@@ -44,3 +44,11 @@ func (pm *PortMapper) forward(action iptables.Action, proto string, sourceIP net

 	}

 	return pm.chain.Forward(action, sourceIP, sourcePort, proto, containerIP, containerPort, pm.bridgeName)

 }

+

+// checkIP checks if IP is valid and matching to chain version

+func (pm *PortMapper) checkIP(ip net.IP) bool {

+	if pm.chain == nil || pm.chain.IPTable.Version == iptables.IPv4 {

+		return ip.To4() != nil

+	}

+	return ip.To16() != nil

+}

@@ -29,3 +29,9 @@ func (pm *PortMapper) AppendForwardingTableEntry(proto string, sourceIP net.IP,

 func (pm *PortMapper) DeleteForwardingTableEntry(proto string, sourceIP net.IP, sourcePort int, containerIP string, containerPort int) error {

 	return nil

 }

+

+// checkIP checks if IP is valid and matching to chain version

+func (pm *PortMapper) checkIP(ip net.IP) bool {

+	// no IPv6 for port mapper on windows -> only IPv4 valid

+	return ip.To4() != nil

+}