fix(firewall): log warning if ipv6 nat filter not supported instead of returning an error

- Allow to port forward redirect for IPv4 and not IPv6 if IPv6 NAT is not supported - Fix #2503
2024-10-05 07:52:30 +00:00
parent 7ebbaf4351
commit 3d6d03b327
3 changed files with 20 additions and 0 deletions
--- a/internal/firewall/interfaces.go
+++ b/internal/firewall/interfaces.go
@@ -9,5 +9,6 @@ type CmdRunner interface {
 type Logger interface {
 	Debug(s string)
 	Info(s string)
 	Warn(s string)
 	Error(s string)
 }
--- a/internal/firewall/iptables.go
+++ b/internal/firewall/iptables.go
@@ -239,6 +239,13 @@ func (c *Config) redirectPort(ctx context.Context, intf string,
 			appendOrDelete(remove), interfaceFlag, destinationPort),
 	})
 	if err != nil {
 		errMessage := err.Error()
 		if strings.Contains(errMessage, "can't initialize ip6tables table `nat': Table does not exist") {
 			if !remove {
 				c.logger.Warn("IPv6 port redirection disabled because your kernel does not support IPv6 NAT: " + errMessage)
 			}
 			return nil
 		}
 		return fmt.Errorf("redirecting IPv6 source port %d to destination port %d on interface %s: %w",
 			sourcePort, destinationPort, intf, err)
 	}
--- a/internal/firewall/mocks_test.go
+++ b/internal/firewall/mocks_test.go
@@ -107,3 +107,15 @@ func (mr *MockLoggerMockRecorder) Info(arg0 interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Info", reflect.TypeOf((*MockLogger)(nil).Info), arg0)
 }
 // Warn mocks base method.
 func (m *MockLogger) Warn(arg0 string) {
 	m.ctrl.T.Helper()
 	m.ctrl.Call(m, "Warn", arg0)
 }
 // Warn indicates an expected call of Warn.
 func (mr *MockLoggerMockRecorder) Warn(arg0 interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Warn", reflect.TypeOf((*MockLogger)(nil).Warn), arg0)
 }