@@ -9,6 +9,11 if [ "$ENABLE_IPTABLES" = true ] ; then | |||||
9 | # Create iptables configuration directory |
|
9 | # Create iptables configuration directory | |
10 | mkdir -p "${ETC_DIR}/iptables" |
|
10 | mkdir -p "${ETC_DIR}/iptables" | |
11 |
|
11 | |||
|
12 | # make sure iptables-legacy,iptables-legacy-restore and iptables-legacy-save are the used alternatives | |||
|
13 | chroot_exec update-alternatives --verbose --set iptables /usr/bin/iptables-legacy | |||
|
14 | chroot_exec update-alternatives --verbose --set iptables-save /usr/bin/iptables-legacy-save | |||
|
15 | chroot_exec update-alternatives --verbose --set iptables-restore /usr/bin/iptables-legacy-restore | |||
|
16 | ||||
12 | # Install iptables systemd service |
|
17 | # Install iptables systemd service | |
13 | install_readonly files/iptables/iptables.service "${ETC_DIR}/systemd/system/iptables.service" |
|
18 | install_readonly files/iptables/iptables.service "${ETC_DIR}/systemd/system/iptables.service" | |
14 |
|
19 |
@@ -6,7 +6,7 Before=sysinit.target | |||||
6 |
|
6 | |||
7 | [Service] |
|
7 | [Service] | |
8 | Type=oneshot |
|
8 | Type=oneshot | |
9 | ExecStart=/sbin/ip6tables-restore /etc/iptables/ip6tables.rules |
|
9 | ExecStart=/sbin/ip6tables-restore -w 5 /etc/iptables/ip6tables.rules | |
10 | ExecReload=/sbin/ip6tables-restore /etc/iptables/ip6tables.rules |
|
10 | ExecReload=/sbin/ip6tables-restore /etc/iptables/ip6tables.rules | |
11 | ExecStop=/etc/iptables/flush-ip6tables.sh |
|
11 | ExecStop=/etc/iptables/flush-ip6tables.sh | |
12 | RemainAfterExit=yes |
|
12 | RemainAfterExit=yes |
@@ -6,7 +6,7 Before=sysinit.target | |||||
6 |
|
6 | |||
7 | [Service] |
|
7 | [Service] | |
8 | Type=oneshot |
|
8 | Type=oneshot | |
9 | ExecStart=/sbin/iptables-restore /etc/iptables/iptables.rules |
|
9 | ExecStart=/sbin/iptables-restore -w 5 /etc/iptables/iptables.rules | |
10 | ExecReload=/sbin/iptables-restore /etc/iptables/iptables.rules |
|
10 | ExecReload=/sbin/iptables-restore /etc/iptables/iptables.rules | |
11 | ExecStop=/etc/iptables/flush-iptables.sh |
|
11 | ExecStop=/etc/iptables/flush-iptables.sh | |
12 | RemainAfterExit=yes |
|
12 | RemainAfterExit=yes |
General Comments 0
Vous devez vous connecter pour laisser un commentaire.
Se connecter maintenant