mirror of
https://github.com/hwdsl2/openvpn-install.git
synced 2024-05-28 17:03:30 +02:00
Bugfix
- Fixed an issue with IPTables rules not persisting after a reboot, if both IPsec VPN and OpenVPN are installed on the same server. We restart the openvpn-iptables.service in /etc/rc.local to make sure the rules are added. Ref: https://github.com/hwdsl2/wireguard-install/issues/2
This commit is contained in:
parent
5dc64ce424
commit
d394509c7e
|
@ -435,6 +435,27 @@ EOF
|
|||
sysctl -e -q -p "$conf_opt"
|
||||
}
|
||||
|
||||
update_rclocal() {
|
||||
ipt_cmd="systemctl restart openvpn-iptables.service"
|
||||
if ! grep -qs "$ipt_cmd" /etc/rc.local; then
|
||||
if [ ! -f /etc/rc.local ]; then
|
||||
echo '#!/bin/sh' > /etc/rc.local
|
||||
else
|
||||
if [ "$os" = "ubuntu" ] || [ "$os" = "debian" ]; then
|
||||
sed --follow-symlinks -i '/^exit 0/d' /etc/rc.local
|
||||
fi
|
||||
fi
|
||||
cat >> /etc/rc.local <<EOF
|
||||
|
||||
$ipt_cmd
|
||||
EOF
|
||||
if [ "$os" = "ubuntu" ] || [ "$os" = "debian" ]; then
|
||||
echo "exit 0" >> /etc/rc.local
|
||||
fi
|
||||
chmod +x /etc/rc.local
|
||||
fi
|
||||
}
|
||||
|
||||
show_header() {
|
||||
cat <<'EOF'
|
||||
|
||||
|
@ -749,6 +770,7 @@ WantedBy=multi-user.target" >> /etc/systemd/system/openvpn-iptables.service
|
|||
systemctl enable --now openvpn-iptables.service >/dev/null 2>&1
|
||||
)
|
||||
fi
|
||||
update_rclocal
|
||||
# If SELinux is enabled and a custom port was selected, we need this
|
||||
if sestatus 2>/dev/null | grep "Current mode" | grep -q "enforcing" && [[ "$port" != 1194 ]]; then
|
||||
# Install semanage if not already present
|
||||
|
@ -972,6 +994,10 @@ else
|
|||
echo 0 > /proc/sys/net/ipv4/ip_forward
|
||||
echo 0 > /proc/sys/net/ipv6/conf/all/forwarding
|
||||
fi
|
||||
ipt_cmd="systemctl restart openvpn-iptables.service"
|
||||
if grep -qs "$ipt_cmd" /etc/rc.local; then
|
||||
sed --follow-symlinks -i "/^$ipt_cmd/d" /etc/rc.local
|
||||
fi
|
||||
if [[ "$os" = "debian" || "$os" = "ubuntu" ]]; then
|
||||
(
|
||||
set -x
|
||||
|
|
Loading…
Reference in New Issue
Block a user