All I really wanted was a diff between my branch and the master, not every delete and upload I did. There must be a cleaner way than what you see here that I missed. Please advise.

At least the file changes show the actual changes requested.
Need to ensure nftables is not installed.
Move purge nftables.
add purge nftables to multiple versions of debian
Move purge nftables
Forget removing nftables.conf
Look for the iptables rule v4 file; if missing, nftables was chosen, so move forward with nftables fail2ban installation.
I had to change the if statement to make sure /etc/iptables/rules.v4 is not there in the case of nftables being uncommented and iptables being commented out on install.sh. If it is there, it just copies the iptables version of jail.local, and no modification of /etc/fail2ban/jail.conf is needed by sed, as is the case for nftables. I have tested both install scenarios, nftables and iptables, and they work perfectly. The reason for the change was that iptables is really iptables-nft, and it will install nftables, so there will always be a /etc/nftables whether iptables or nftables is used.
Add an nftables entry to install.sh, which is commented out by default. Iptables can be commented out, and nftables uncommented to install nftables instead.
If nftables is installed, fail2ban.sh looks to ensure that /etc/iptables/rules.v4 is not present. If it is not present, then it copies an nftables version of jail.local and uses sed to edit /etc/fail2ban/jail.conf to work with nftables.
If it does find /etc/iptables/rules.v4, then it copies the iptables version of jail.local.
It appears that iptables requires nftables, and iptables is really iptables-nft.
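
The backend check described in this thread, as an added shell example that is not the PR's own fail2ban.sh: it contrasts testing for /etc/nftables (present in both install scenarios) with testing for /etc/iptables/rules.v4. The function names, the `root` argument, and the `jail.local.<backend>` template names are assumptions made for illustration; the sed edit of jail.conf is left out because the thread does not show what it changes.

```shell
#!/bin/sh
# Added example, not the project's code. Every function takes a root
# directory so the check can run against a constructed tree instead of
# the live system.

# Check the thread moved away from: /etc/nftables exists whether iptables
# (really iptables-nft) or nftables was selected, so it cannot tell them apart.
backend_by_nftables_path() {
    root=$1
    if [ -e "$root/etc/nftables" ]; then echo nftables; else echo iptables; fi
}

# Check described in the thread: a missing rules.v4 means nftables was chosen.
backend_by_rules_v4() {
    root=$1
    if [ ! -f "$root/etc/iptables/rules.v4" ]; then
        echo nftables
    else
        echo iptables
    fi
}

# Copy the jail.local variant that matches the detected backend.
# Template file names (jail.local.iptables / jail.local.nftables) are hypothetical.
install_jail_local() {
    root=$1
    templates=$2
    backend=$(backend_by_rules_v4 "$root")
    mkdir -p "$root/etc/fail2ban"
    cp "$templates/jail.local.$backend" "$root/etc/fail2ban/jail.local"
    echo "$backend"
}

# Build a constructed sample tree for one install scenario and print its path.
make_sample_tree() {
    kind=$1
    root=$(mktemp -d)
    mkdir -p "$root/etc/nftables"          # present in both scenarios, per the thread
    if [ "$kind" = iptables ]; then
        mkdir -p "$root/etc/iptables"
        : > "$root/etc/iptables/rules.v4"  # only the iptables scenario has this file
    fi
    echo "$root"
}
```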