|
 |
29b2d9 |
From 35fa1c22b6b6f89fd74f31186ec92ec70ed34af2 Mon Sep 17 00:00:00 2001
|
|
|
29b2d9 |
From: Wen Liang <wenliang@redhat.com>
|
|
|
29b2d9 |
Date: Wed, 16 Jun 2021 22:43:32 +0200
|
|
|
29b2d9 |
Subject: [PATCH 1/1] firewall: Default to iptables backend to preserve behavior
|
|
|
29b2d9 |
|
|
|
29b2d9 |
For upsteam, the default is "nftables" (if nft is installed). On RHEL8, we will
|
|
|
29b2d9 |
always default to "iptables" to preserve behavior.
|
|
|
29b2d9 |
---
|
|
|
29b2d9 |
src/core/nm-firewall-utils.c | 9 +++------
|
|
|
29b2d9 |
1 file changed, 3 insertions(+), 6 deletions(-)
|
|
|
29b2d9 |
|
|
|
29b2d9 |
diff --git a/src/core/nm-firewall-utils.c b/src/core/nm-firewall-utils.c
|
|
|
29b2d9 |
index 3f2251569fa0..f2712f3d72ab 100644
|
|
|
29b2d9 |
--- a/src/core/nm-firewall-utils.c
|
|
|
29b2d9 |
+++ b/src/core/nm-firewall-utils.c
|
|
|
29b2d9 |
@@ -744,12 +744,9 @@ nm_firewall_config_apply(NMFirewallConfig *self, gboolean shared)
|
|
|
29b2d9 |
static NMFirewallBackend
|
|
|
29b2d9 |
_firewall_backend_detect(void)
|
|
|
29b2d9 |
{
|
|
|
29b2d9 |
- if (g_file_test(NFT_PATH, G_FILE_TEST_IS_EXECUTABLE))
|
|
|
29b2d9 |
- return NM_FIREWALL_BACKEND_NFTABLES;
|
|
|
29b2d9 |
- if (g_file_test(IPTABLES_PATH, G_FILE_TEST_IS_EXECUTABLE))
|
|
|
29b2d9 |
- return NM_FIREWALL_BACKEND_IPTABLES;
|
|
|
29b2d9 |
-
|
|
|
29b2d9 |
- return NM_FIREWALL_BACKEND_NFTABLES;
|
|
|
29b2d9 |
+ /* For upsteam, the default is "nftables" (if nft is installed). On RHEL8, we will
|
|
|
29b2d9 |
+ * always default to "iptables" to preserve behavior. */
|
|
|
29b2d9 |
+ return NM_FIREWALL_BACKEND_IPTABLES;
|
|
|
29b2d9 |
}
|
|
|
29b2d9 |
|
|
|
29b2d9 |
NMFirewallBackend
|
|
|
29b2d9 |
--
|
|
|
29b2d9 |
2.31.1
|
|
|
29b2d9 |
|