holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Check for wait option if we don't have capabilities

Browse Source 
Only check for iptables --wait option if we don't already have existing
capabilities. If we have some and they're not up2date / don't match,
it will issue a warning anyway.
If a valid capabilities file exists, it will already cover whether we
can use --wait or not, that's what WAIT_OPTION is for.

Signed-off-by: Christian Ruppert <idl0r@qasl.de>
This commit is contained in:
Christian Ruppert 2022-04-02 11:49:25 +02:00
parent c941cf4bb5
commit 8b0d829531
No known key found for this signature in database
GPG Key ID: C3B1D3399DC38675
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Shorewall/Perl/Shorewall/Config.pm
View File

@ -5816,9 +5816,10 @@ sub get_capabilities($)
fatal_error "Can't find $toolname executable" unless $iptables = which $toolname;
}
#
# Determine if iptables supports the -w option
# Determine if iptables supports the -w option unless we already have
# existing capabilities
#
$iptablesw = qt1( "$iptables -w -n -L INPUT") ? '-w' : '';
$iptablesw = qt1( "$iptables -w -n -L INPUT") ? '-w' : '' unless $_[0];
my $iptables_restore=$iptables . '-restore';