vanja/gluetun
1
0
Fork 0
mirror of https://github.com/qdm12/gluetun.git synced 2026-05-09 20:29:23 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fallback to accepting only NEW output public traffic if conntrack netlink isn't supported

Browse Source
This commit is contained in:
Quentin McGaw
2026-02-26 15:53:07 +00:00
parent dfac2b2f1a
commit a37354426b
16 changed files with 302 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/firewall/enable.go
+5 -5
View File
@@ -69,6 +69,11 @@ func (c *Config) enable(ctx context.Context) (err error) {
return err
}
err = c.flushExistingConnections(ctx)
if err != nil {
return fmt.Errorf("flushing existing connections: %w", err)
}
if err = c.impl.AcceptEstablishedRelatedTraffic(ctx); err != nil {
return err
}
@@ -121,11 +126,6 @@ func (c *Config) enable(ctx context.Context) (err error) {
return fmt.Errorf("running user defined post firewall rules: %w", err)
}
err = c.netlinker.FlushConntrack()
if err != nil {
c.logger.Warn("flushing conntrack failed: " + err.Error())
}
return nil
}