From 85347041a04d17f6803100dd2cec9b489c9db47d Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Wed, 12 Oct 2022 01:43:23 +0200 Subject: Port baseline to Debian 11 (codename Bullseye). --- roles/common/files/usr/local/sbin/update-firewall | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'roles/common/files/usr/local/sbin/update-firewall') diff --git a/roles/common/files/usr/local/sbin/update-firewall b/roles/common/files/usr/local/sbin/update-firewall index 4b3e5cf..e11e8a9 100755 --- a/roles/common/files/usr/local/sbin/update-firewall +++ b/roles/common/files/usr/local/sbin/update-firewall @@ -36,14 +36,14 @@ for idx in "${!INTERFACES[@]}"; do done # clear sets in the old rules before diff'ing with the new ones -nft list ruleset -sn >"$oldrules" +nft -sn list ruleset >"$oldrules" ip netns exec "$netns" nft -f - <"$oldrules" ip netns exec "$netns" nft flush set inet filter fail2ban || true ip netns exec "$netns" nft flush set inet filter fail2ban6 || true -ip netns exec "$netns" nft list ruleset -sn >"$oldrules" +ip netns exec "$netns" nft -sn list ruleset >"$oldrules" ip netns exec "$netns" nft -f - <"$script" -ip netns exec "$netns" nft list ruleset -sn >"$newrules" +ip netns exec "$netns" nft -sn list ruleset >"$newrules" ip netns del "$netns" netns= -- cgit v1.2.3