From b79732ed1e5ffd6149b35d18a44c79573d27d1e0 Mon Sep 17 00:00:00 2001 From: Michael Kroes Date: Sun, 13 Mar 2016 07:45:32 +0100 Subject: [PATCH] Make sure that ip6_tables module is loaded --- setup/system.sh | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/setup/system.sh b/setup/system.sh index b6584cc4..9d2c636d 100755 --- a/setup/system.sh +++ b/setup/system.sh @@ -185,16 +185,18 @@ if [ -z "$DISABLE_FIREWALL" ]; then # Install `ufw` which provides a simple firewall configuration. apt_install ufw - # Make sure the system has a default policy to accept incoming connections - sed -i "s/DEFAULT_INPUT_POLICY.*/DEFAULT_INPUT_POLICY=\"ACCEPT\"/" /etc/default/ufw - - # If IPV6 is disabled we should disable it in the ufw defaults - if [ -z "$PUBLIC_IPV6" ]; then - sed -i "s/IPV6.*/IPV6=no/" /etc/default/ufw - else - sed -i "s/IPV6.*/IPV6=yes/" /etc/default/ufw + # Some providers don't load the ip6_tables kernel module (Scaleway) + if [ -z "`lsmod | grep ^ip6_tables`" ]; then + echo ip6_tables >> /etc/modules + modprobe ip6_tables fi + # Some default configurations disable the firewall in the settings (Scaleway) + # If this isn't set, enabling the firewall will fail with: + # + # ERROR: Could not load logging rules + sed -i "s/ENABLED.*/ENABLED=yes/" /etc/ufw/ufw.conf + # Allow incoming connections to SSH. ufw_allow ssh;