|
 |
1d2da6 |
From af25d85a43eb2aa59a80c13aa214cbc5509b6815 Mon Sep 17 00:00:00 2001
|
|
|
1d2da6 |
From: Wen Liang <wenliang@redhat.com>
|
|
|
1d2da6 |
Date: Wed, 16 Jun 2021 22:43:32 +0200
|
|
|
1d2da6 |
Subject: [PATCH] firewall: Default to iptables backend to preserve behavior
|
|
|
1d2da6 |
|
|
|
1d2da6 |
For upsteam, the default is "nftables" (if nft is installed). On RHEL8, we will
|
|
|
1d2da6 |
always default to "iptables" to preserve behavior.
|
|
|
1d2da6 |
---
|
|
|
1d2da6 |
src/core/nm-firewall-utils.c | 9 +++------
|
|
|
1d2da6 |
1 file changed, 3 insertions(+), 6 deletions(-)
|
|
|
1d2da6 |
|
|
|
1d2da6 |
diff --git a/src/core/nm-firewall-utils.c b/src/core/nm-firewall-utils.c
|
|
|
1d2da6 |
index a2446553b76f..5525a677cb1d 100644
|
|
|
1d2da6 |
--- a/src/core/nm-firewall-utils.c
|
|
|
1d2da6 |
+++ b/src/core/nm-firewall-utils.c
|
|
|
1d2da6 |
@@ -744,12 +744,9 @@ nm_firewall_config_apply(NMFirewallConfig *self, gboolean shared)
|
|
|
1d2da6 |
static NMFirewallBackend
|
|
|
1d2da6 |
_firewall_backend_detect(void)
|
|
|
1d2da6 |
{
|
|
|
1d2da6 |
- if (g_file_test(NFT_PATH, G_FILE_TEST_IS_EXECUTABLE))
|
|
|
1d2da6 |
- return NM_FIREWALL_BACKEND_NFTABLES;
|
|
|
1d2da6 |
- if (g_file_test(IPTABLES_PATH, G_FILE_TEST_IS_EXECUTABLE))
|
|
|
1d2da6 |
- return NM_FIREWALL_BACKEND_IPTABLES;
|
|
|
1d2da6 |
-
|
|
|
1d2da6 |
- return NM_FIREWALL_BACKEND_NFTABLES;
|
|
|
1d2da6 |
+ /* For upsteam, the default is "nftables" (if nft is installed). On RHEL8, we will
|
|
|
1d2da6 |
+ * always default to "iptables" to preserve behavior. */
|
|
|
1d2da6 |
+ return NM_FIREWALL_BACKEND_IPTABLES;
|
|
|
1d2da6 |
}
|
|
|
1d2da6 |
|
|
|
1d2da6 |
NMFirewallBackend
|
|
|
1d2da6 |
--
|
|
|
1d2da6 |
2.31.1
|
|
|
1d2da6 |
|