When i running docker daemon with icc=false and iptables=true paramaters, docker daemon just added docker network ipS to iptables. This is a big problem because rancher-agent not added castle ips on the cluster nodes. For the security communication between the containers , should work in these parameters. Otherwise they will be able to talk to each other conrainers.
Section:2.1 & 2.3