aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/src/tools/wg-quick/linux.bash
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2019-12-12 17:24:04 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2019-12-12 17:24:04 +0100
commit21a1498f161f7347cbf96316c21a924d569849c1 (patch)
tree50f545080a07a8c39b1160a4969db90221a4355a /src/tools/wg-quick/linux.bash
parentversion: bump snapshot (diff)
downloadwireguard-monolithic-historical-21a1498f161f7347cbf96316c21a924d569849c1.tar.xz
wireguard-monolithic-historical-21a1498f161f7347cbf96316c21a924d569849c1.zip
wg-quick: linux: try both iptables(8) and nft(8) on teardown
Daniel argues that technically a package manager could install nft(8) after previously having started wg-quick(8) using iptables(8). Suggested-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Diffstat (limited to 'src/tools/wg-quick/linux.bash')
-rwxr-xr-xsrc/tools/wg-quick/linux.bash3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/tools/wg-quick/linux.bash b/src/tools/wg-quick/linux.bash
index d52bad3..423a2c7 100755
--- a/src/tools/wg-quick/linux.bash
+++ b/src/tools/wg-quick/linux.bash
@@ -188,7 +188,8 @@ remove_firewall() {
[[ $table == *" wg-quick-$INTERFACE" ]] && printf -v nftcmd '%sdelete %s\n' "$nftcmd" "$table"
done < <(nft list tables 2>/dev/null)
[[ -z $nftcmd ]] || cmd nft -f <(echo -n "$nftcmd")
- else
+ fi
+ if type -p iptables >/dev/null; then
local line iptables found restore
for iptables in iptables ip6tables; do
restore="" found=0