mirror/openvpn-install
1
0
Fork 0
mirror of https://github.com/Nyr/openvpn-install.git synced 2024-11-23 21:46:08 +03:00
Code Issues Projects Releases Wiki Activity

Improve nf_tables test for OVZ

Browse Source 
This test is more reliable and flexible.
This commit is contained in:
Nyr 2020-05-05 18:23:21 +02:00
parent 2852150a5b
commit 07249185dd
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
openvpn-install.sh
View File

@ -348,9 +348,9 @@ crl-verify crl.pem" >> /etc/openvpn/server/server.conf
# Create a service to set up persistent iptables rules # Create a service to set up persistent iptables rules
iptables_path=$(command -v iptables) iptables_path=$(command -v iptables)
ip6tables_path=$(command -v ip6tables) ip6tables_path=$(command -v ip6tables)
# Old OpenVZ kernels don't have nf_tables support # nf_tables is not available as standard in OVZ kernels. So use iptables-legacy
# iptables-nft is the default in Debian 10, but we need to use iptables-legacy # if we are in OVZ, with a nf_tables backend and iptables-legacy is available.
if [[ "$os" == "debian" && "$os_version" -eq 10 && "$(systemd-detect-virt)" == "openvz" ]]; then if [[ $(systemd-detect-virt) == "openvz" ]] && readlink -f $(command -v iptables) | grep -q "nft" && hash iptables-legacy 2>/dev/null; then
iptables_path=$(command -v iptables-legacy) iptables_path=$(command -v iptables-legacy)
ip6tables_path=$(command -v ip6tables-legacy) ip6tables_path=$(command -v ip6tables-legacy)
fi fi