tweaking

2025-07-02 01:27:27 -04:00 · 2024-03-15 22:41:12 +01:00
parent b0a6ce432a
commit 3546e31a7c
13 changed files with 36 additions and 27 deletions
--- a/docker/tpotinit/dist/bin/rules.sh
+++ b/docker/tpotinit/dist/bin/rules.sh
@ -57,11 +57,11 @@ fi
 ### Setting up iptables-legacy rules for glutton
 if [ "$myNFQCHECK" == "glutton" ];
  then
-    iptables-legacy -w -t raw -A PREROUTING -s 127.0.0.1 -j ACCEPT
-    iptables-legacy -w -t raw -A PREROUTING -d 127.0.0.1 -j ACCEPT
+    iptables -w -t mangle -A PREROUTING -s 127.0.0.1 -j ACCEPT
+    iptables -w -t mangle -A PREROUTING -d 127.0.0.1 -j ACCEPT

    for myPORT in $myRULESPORTS; do
-      iptables-legacy -w -t raw -A PREROUTING -p tcp --dport $myPORT -j ACCEPT
+      iptables -w -t mangle -A PREROUTING -p tcp --dport $myPORT -j ACCEPT
    done
    # No need for NFQ forwarding, such rules are set up by glutton
 fi
@ -84,11 +84,11 @@ fi
 ### Removing iptables-legacy rules for glutton
 if [ "$myNFQCHECK" == "glutton" ];
  then
-    iptables-legacy -w -t raw -D PREROUTING -s 127.0.0.1 -j ACCEPT
-    iptables-legacy -w -t raw -D PREROUTING -d 127.0.0.1 -j ACCEPT
+    iptables -w -t mangle -D PREROUTING -s 127.0.0.1 -j ACCEPT
+    iptables -w -t mangle -D PREROUTING -d 127.0.0.1 -j ACCEPT

    for myPORT in $myRULESPORTS; do
-      iptables-legacy -w -t raw -D PREROUTING -p tcp --dport $myPORT -j ACCEPT
+      iptables -w -t mangle -D PREROUTING -p tcp --dport $myPORT -j ACCEPT
    done
    # No need for removing NFQ forwarding, such rules are removed by glutton
 fi
--- a/docker/tpotinit/dist/entrypoint.sh
+++ b/docker/tpotinit/dist/entrypoint.sh
@ -17,6 +17,7 @@ cleanup() {
      echo
  fi
  kill -TERM "$PID"
+  rm -f /tmp/success
  echo "# Cleanup done."
  echo
 }