wg-quick: linux: try both iptables(8) and nft(8) on teardown
Daniel argues that technically a package manager could install nft(8) after previously having started wg-quick(8) using iptables(8). Suggested-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld
parent
45417c5c0d
commit
6fbfa0d7bb
@ -188,7 +188,8 @@ remove_firewall() {
|
||||
[[ $table == *" wg-quick-$INTERFACE" ]] && printf -v nftcmd '%sdelete %s\n' "$nftcmd" "$table"
|
||||
done < <(nft list tables 2>/dev/null)
|
||||
[[ -z $nftcmd ]] || cmd nft -f <(echo -n "$nftcmd")
|
||||
else
|
||||
fi
|
||||
if type -p iptables >/dev/null; then
|
||||
local line iptables found restore
|
||||
for iptables in iptables ip6tables; do
|
||||
restore="" found=0
|
||||
|
||||
Reference in New Issue
Block a user