Install of iptables causes failure #29
Description
The docker mod installs iptables by default.
root/etc/s6-overlay/s6-rc.d/init-mod-universal-tailscale/run
if [ -f /usr/bin/apt ]; then
echo "\
jq \
iptables" >> /mod-repo-packages-to-install.list
fi
This results in the error
2024/11/03 16:42:18 onPortUpdate(port=48788, network=udp4)
2024/11/03 16:42:18 router: using firewall mode pref
2024/11/03 16:42:18 router: default choosing iptables
2024/11/03 16:42:18 UpdateMagicsockPort(port=48788, network=udp4) failed: could not setup netfilter: could not create new netfilter: could not get iptables version: exit status 1
2024/11/03 16:42:18 magicsock: disco key = d:704374b91c0c61a8
2024/11/03 16:42:18 Creating WireGuard device...
2024/11/03 16:42:18 Bringing WireGuard device up...
2024/11/03 16:42:18 Bringing router up...
2024/11/03 16:42:18 router: using firewall mode pref
2024/11/03 16:42:18 external route: up
2024/11/03 16:42:18 router: default choosing iptables
2024/11/03 16:42:18 wgengine.NewUserspaceEngine(tun "tailscale0") error: router.Up: setting netfilter mode: could not get iptables version: exit status 1
2024/11/03 16:42:18 flushing log.
2024/11/03 16:42:18 logger closing down
2024/11/03 16:42:19 getLocalBackend error: createEngine: router.Up: setting netfilter mode: could not get iptables version: exit status 1
It fails on both lsiobase/ubuntu:noble and lsiobase/alpine:3.20 for AMD64.
Oddly it does not fail on lsiobase/alpine:3.20 for ARM64, as the install of iptables fails there, and therefore tailscale never tries to use iptables.
removal of the iptables line fixes the problem
if [ -f /usr/bin/apt ]; then
echo "\
jq " >> /mod-repo-packages-to-install.list
fi