From e1034b60ed67a72cfcca3642cdfc5774a0e753ae Mon Sep 17 00:00:00 2001
From: ada mancini <adamancini@users.noreply.github.com>
Date: Thu, 26 Sep 2019 11:42:12 -0400
Subject: [PATCH] update iptables=false documentation (#9482)

make it clearer that this is not intended for end-users
---
 network/iptables.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/network/iptables.md b/network/iptables.md
index efedaa5574..d481d8f7db 100644
--- a/network/iptables.md
+++ b/network/iptables.md
@@ -53,9 +53,9 @@ for a lot more information.
 
 ## Prevent Docker from manipulating iptables
 
-To prevent Docker from manipulating the `iptables` policies at all, set the
-`iptables` key to `false` in `/etc/docker/daemon.json`. This is inappropriate
-for most users, because the `iptables` policies then need to be managed by hand.
+It is possible to set the `iptables` key to `false` in the Docker engine's configuration file at `/etc/docker.daemon.json`, but this option is not appropriate for most users.  It is not possible to completely prevent Docker from creating `iptables` rules, and creating them after-the-fact is extremely involved and beyond the scope of these instructions.  Setting `iptables` to `false` will more than likely break container networking for the Docker engine.
+
+For system integrators who wish to build the Docker runtime into other applications, explore the [`moby` project](https://mobyproject.org/).
 
 ## Next steps