wg-quick: linux: try both iptables(8) and nft(8) on teardown
Daniel argues that technically a package manager could install nft(8) after previously having started wg-quick(8) using iptables(8). Suggested-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
parent
45417c5c0d
commit
6fbfa0d7bb
1 changed files with 2 additions and 1 deletions
|
@ -188,7 +188,8 @@ remove_firewall() {
|
||||||
[[ $table == *" wg-quick-$INTERFACE" ]] && printf -v nftcmd '%sdelete %s\n' "$nftcmd" "$table"
|
[[ $table == *" wg-quick-$INTERFACE" ]] && printf -v nftcmd '%sdelete %s\n' "$nftcmd" "$table"
|
||||||
done < <(nft list tables 2>/dev/null)
|
done < <(nft list tables 2>/dev/null)
|
||||||
[[ -z $nftcmd ]] || cmd nft -f <(echo -n "$nftcmd")
|
[[ -z $nftcmd ]] || cmd nft -f <(echo -n "$nftcmd")
|
||||||
else
|
fi
|
||||||
|
if type -p iptables >/dev/null; then
|
||||||
local line iptables found restore
|
local line iptables found restore
|
||||||
for iptables in iptables ip6tables; do
|
for iptables in iptables ip6tables; do
|
||||||
restore="" found=0
|
restore="" found=0
|
||||||
|
|
Loading…
Reference in a new issue