Make sure that ip6_tables module is loaded
This commit is contained in:
parent
3f27309d8c
commit
b79732ed1e
|
@ -185,16 +185,18 @@ if [ -z "$DISABLE_FIREWALL" ]; then
|
|||
# Install `ufw` which provides a simple firewall configuration.
|
||||
apt_install ufw
|
||||
|
||||
# Make sure the system has a default policy to accept incoming connections
|
||||
sed -i "s/DEFAULT_INPUT_POLICY.*/DEFAULT_INPUT_POLICY=\"ACCEPT\"/" /etc/default/ufw
|
||||
|
||||
# If IPV6 is disabled we should disable it in the ufw defaults
|
||||
if [ -z "$PUBLIC_IPV6" ]; then
|
||||
sed -i "s/IPV6.*/IPV6=no/" /etc/default/ufw
|
||||
else
|
||||
sed -i "s/IPV6.*/IPV6=yes/" /etc/default/ufw
|
||||
# Some providers don't load the ip6_tables kernel module (Scaleway)
|
||||
if [ -z "`lsmod | grep ^ip6_tables`" ]; then
|
||||
echo ip6_tables >> /etc/modules
|
||||
modprobe ip6_tables
|
||||
fi
|
||||
|
||||
# Some default configurations disable the firewall in the settings (Scaleway)
|
||||
# If this isn't set, enabling the firewall will fail with:
|
||||
#
|
||||
# ERROR: Could not load logging rules
|
||||
sed -i "s/ENABLED.*/ENABLED=yes/" /etc/ufw/ufw.conf
|
||||
|
||||
# Allow incoming connections to SSH.
|
||||
ufw_allow ssh;
|
||||
|
||||
|
|
Loading…
Reference in New Issue