mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-12-27 22:03:54 +03:00
Merge pull request #4983 from bosu/fw-stop-fix
firewall: clear rpfilter on stop
This commit is contained in:
commit
d0e15cc575
@ -187,6 +187,12 @@ let
|
||||
# Clean up after added ruleset
|
||||
ip46tables -D INPUT -j nixos-fw 2>/dev/null || true
|
||||
|
||||
${optionalString (kernelHasRPFilter && cfg.checkReversePath) ''
|
||||
if ! ip46tables -D PREROUTING -t raw -m rpfilter --invert -j DROP; then
|
||||
echo "<2>failed to stop rpfilter support" >&2
|
||||
fi
|
||||
''}
|
||||
|
||||
${cfg.extraStopCommands}
|
||||
'';
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user