admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: only run ip6tables if it is supported by the Kernel (#431)

Browse Source 
- Fix #430
This commit is contained in:
Quentin McGaw
2021-04-19 14:35:29 -04:00
committed by GitHub
parent 44d8cf9d4e
commit e0e56595c6
3 changed files with 33 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
internal/firewall/ip6tables.go
View File

@@ -5,12 +5,22 @@ import (
"errors"
"fmt"
"strings"
"github.com/qdm12/golibs/command"
)
var (
ErrIP6Tables = errors.New("failed ip6tables command")
ErrIP6Tables = errors.New("failed ip6tables command")
ErrIP6NotSupported = errors.New("ip6tables not supported")
)
func ip6tablesSupported(ctx context.Context, commander command.Commander) (supported bool) {
if _, err := commander.Run(ctx, "ip6tables", "-L"); err != nil {
return false
}
return true
}
func (c *configurator) runIP6tablesInstructions(ctx context.Context, instructions []string) error {
for _, instruction := range instructions {
if err := c.runIP6tablesInstruction(ctx, instruction); err != nil {
@@ -21,6 +31,9 @@ func (c *configurator) runIP6tablesInstructions(ctx context.Context, instruction
}
func (c *configurator) runIP6tablesInstruction(ctx context.Context, instruction string) error {
if !c.ip6Tables {
return nil
}
c.ip6tablesMutex.Lock() // only one ip6tables command at once
defer c.ip6tablesMutex.Unlock()
if c.debug {