zabpehely
/
wireguard-tools
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

wg-quick: linux: try both iptables(8) and nft(8) on teardown 

Daniel argues that technically a package manager could install nft(8)
after previously having started wg-quick(8) using iptables(8).

Suggested-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld 2019-12-12 17:24:04 +01:00
parent 45417c5c0d
commit 6fbfa0d7bb
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/wg-quick/linux.bash
View File

@ -188,7 +188,8 @@ remove_firewall() {
[[ $table == *" wg-quick-$INTERFACE" ]] && printf -v nftcmd '%sdelete %s\n' "$nftcmd" "$table" [[ $table == *" wg-quick-$INTERFACE" ]] && printf -v nftcmd '%sdelete %s\n' "$nftcmd" "$table"
done < <(nft list tables 2>/dev/null) done < <(nft list tables 2>/dev/null)
[[ -z $nftcmd ]] || cmd nft -f <(echo -n "$nftcmd") [[ -z $nftcmd ]] || cmd nft -f <(echo -n "$nftcmd")
else fi
if type -p iptables >/dev/null; then
local line iptables found restore local line iptables found restore
for iptables in iptables ip6tables; do for iptables in iptables ip6tables; do
restore="" found=0 restore="" found=0