hotfix(firewall): save and restore behavior fixed

- restore if IPv4 set all policies fails - fix deadlock when using iptables custom rules - fix setting ipv6 rules when running runMixedIptablesInstruction
2026-05-08 04:50:11 +02:00 · 2026-02-28 14:37:58 +00:00
parent b9d49e0661
commit ec24ffdfd8
3 changed files with 9 additions and 9 deletions
@@ -45,6 +45,12 @@ func (c *Config) enable(ctx context.Context) (err error) {
 		return fmt.Errorf("saving firewall rules: %w", err)
 	}

+	defer func() {
+		if err != nil {
+			c.restore(context.Background())
+		}
+	}()
+
 	if err = c.impl.SetIPv4AllPolicies(ctx, "DROP"); err != nil {
 		return err
 	}
@@ -53,12 +59,6 @@ func (c *Config) enable(ctx context.Context) (err error) {
 		return err
 	}

-	defer func() {
-		if err != nil {
-			c.restore(context.Background())
-		}
-	}()
-
 	// Loopback traffic
 	if err = c.impl.AcceptInputThroughInterface(ctx, "lo"); err != nil {
 		return err