@@ -1108,6 +1108,7 @@ The following daemon options must be configured for each daemon:

 -g, --graph=/var/lib/docker            Root of the Docker runtime

 -p, --pidfile=/var/run/docker.pid      Path to use for daemon PID file

 -H, --host=[]                          Daemon socket(s) to connect to

+--iptables=true                        Enable addition of iptables rules

 --config-file=/etc/docker/daemon.json  Daemon configuration file

 --tlscacert="~/.docker/ca.pem"         Trust certs signed only by this CA

 --tlscert="~/.docker/cert.pem"         Path to TLS certificate file

@@ -1126,6 +1127,10 @@ set this parameter separately for each daemon.

 - `-p, --pidfile=/var/run/docker.pid` is the path where the process ID of the daemon is stored. Specify the path for your

 pid file here.

 - `--host=[]` specifies where the Docker daemon will listen for client connections. If unspecified, it defaults to `/var/run/docker.sock`.

+- `--iptables=false` prevents the Docker daemon from adding iptables rules. If

+  multiple daemons manage iptables rules, they may overwrite rules set by

+  another daemon. Be aware that disabling this option requires you to manually

+  add iptables rules to expose container ports.

 - `--config-file=/etc/docker/daemon.json` is the path where configuration file is stored. You can use it instead of

 daemon flags. Specify the path for each daemon.

 - `--tls*` Docker daemon supports `--tlsverify` mode that enforces encrypted and authenticated remote connections.