fix(firewall): log warning if ipv6 nat filter not supported instead of returning an error

- Allow to port forward redirect for IPv4 and not IPv6 if IPv6 NAT is not supported - Fix #2503
2024-10-05 07:52:30 +00:00
parent 7ebbaf4351
commit 3d6d03b327
3 changed files with 20 additions and 0 deletions
--- a/internal/firewall/iptables.go
+++ b/internal/firewall/iptables.go
@@ -239,6 +239,13 @@ func (c *Config) redirectPort(ctx context.Context, intf string,
 			appendOrDelete(remove), interfaceFlag, destinationPort),
 	})
 	if err != nil {
+		errMessage := err.Error()
+		if strings.Contains(errMessage, "can't initialize ip6tables table `nat': Table does not exist") {
+			if !remove {
+				c.logger.Warn("IPv6 port redirection disabled because your kernel does not support IPv6 NAT: " + errMessage)
+			}
+			return nil
+		}
 		return fmt.Errorf("redirecting IPv6 source port %d to destination port %d on interface %s: %w",
 			sourcePort, destinationPort, intf, err)
 	}