Skip to content

Commit fc7c267

Browse files
committed
fix: use modprobe on nf_tables instead of ip_tables due to new backend
1 parent 54fb07f commit fc7c267

File tree

1 file changed

+7
-6
lines changed

1 file changed

+7
-6
lines changed

cvmassistants/firewall/setfirewall.sh

Lines changed: 7 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,8 @@
99
# Requirements:
1010
# - Must be run as root
1111
# - Must run on Ubuntu
12-
# - iptables and UFW must be installed
12+
# - UFW must be installed
13+
# - Uses nftables backend (modern approach)
1314
#
1415
###############################################################################
1516

@@ -33,13 +34,13 @@ if ! grep -q "ID=ubuntu" /etc/os-release; then
3334
log_fatal "This script supports only Ubuntu. Aborting."
3435
fi
3536

36-
# Load ip_tables module
37-
log_info "Loading ip_tables module..."
38-
modprobe ip_tables 2>/dev/null
37+
# Load nftables modules (if not built-in)
38+
log_info "Loading nftables modules..."
39+
modprobe nf_tables 2>/dev/null
3940
if [ $? -ne 0 ]; then
40-
log_warn "Could not load ip_tables (module missing or already loaded)."
41+
log_warn "Could not load nf_tables (module missing or already loaded)."
4142
else
42-
log_info "ip_tables loaded successfully."
43+
log_info "nf_tables loaded successfully."
4344
fi
4445

4546
# Enable UFW

0 commit comments

Comments
 (0)