diff --git a/bootstrap.d/15-rpi-config.sh b/bootstrap.d/15-rpi-config.sh index 6979b04..5018fcf 100644 --- a/bootstrap.d/15-rpi-config.sh +++ b/bootstrap.d/15-rpi-config.sh @@ -95,7 +95,7 @@ if [ "$ENABLE_INITRAMFS" = true ] ; then fi # Disable RPi3 Bluetooth and restore ttyAMA0 serial device -if [ "$RPI_MODEL" = 3 ] ; then +if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ]; then if [ "$ENABLE_CONSOLE" = true ] && [ "$ENABLE_UBOOT" = false ] ; then echo "dtoverlay=pi3-disable-bt" >> "${BOOT_DIR}/config.txt" echo "enable_uart=1" >> "${BOOT_DIR}/config.txt" @@ -133,7 +133,7 @@ fi if [ "$ENABLE_SPI" = true ] ; then echo "dtparam=spi=on" >> "${BOOT_DIR}/config.txt" echo "spi-bcm2708" >> "${R}/lib/modules-load.d/rpi2.conf" - if [ "$RPI_MODEL" = 3 ] ; then + if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ]; then sed -i "s/spi-bcm2708/spi-bcm2835/" "${R}/lib/modules-load.d/rpi2.conf" fi fi diff --git a/bootstrap.d/21-firewall.sh b/bootstrap.d/21-firewall.sh index cf36c99..d5cd258 100644 --- a/bootstrap.d/21-firewall.sh +++ b/bootstrap.d/21-firewall.sh @@ -8,7 +8,12 @@ if [ "$ENABLE_IPTABLES" = true ] ; then # Create iptables configuration directory mkdir -p "${ETC_DIR}/iptables" - + + # make sure iptables-legacy,iptables-legacy-restore and iptables-legacy-save are the used alternatives + chroot_exec update-alternatives --verbose --set iptables /usr/bin/iptables-legacy + chroot_exec update-alternatives --verbose --set iptables-save /usr/bin/iptables-legacy-save + chroot_exec update-alternatives --verbose --set iptables-restore /usr/bin/iptables-legacy-restore + # Install iptables systemd service install_readonly files/iptables/iptables.service "${ETC_DIR}/systemd/system/iptables.service" diff --git a/files/iptables/ip6tables.service b/files/iptables/ip6tables.service index bb1644f..c5a5a90 100644 --- a/files/iptables/ip6tables.service +++ b/files/iptables/ip6tables.service @@ -6,7 +6,7 @@ Before=sysinit.target [Service] Type=oneshot -ExecStart=/sbin/ip6tables-restore /etc/iptables/ip6tables.rules +ExecStart=/sbin/ip6tables-restore -w 5 /etc/iptables/ip6tables.rules ExecReload=/sbin/ip6tables-restore /etc/iptables/ip6tables.rules ExecStop=/etc/iptables/flush-ip6tables.sh RemainAfterExit=yes diff --git a/files/iptables/iptables.service b/files/iptables/iptables.service index f5a1e89..0d234aa 100644 --- a/files/iptables/iptables.service +++ b/files/iptables/iptables.service @@ -6,7 +6,7 @@ Before=sysinit.target [Service] Type=oneshot -ExecStart=/sbin/iptables-restore /etc/iptables/iptables.rules +ExecStart=/sbin/iptables-restore -w 5 /etc/iptables/iptables.rules ExecReload=/sbin/iptables-restore /etc/iptables/iptables.rules ExecStop=/etc/iptables/flush-iptables.sh RemainAfterExit=yes