NetworkManager/SOURCES/0002-firewall-Default-to-iptables-backend-to-preserve-behavior.patch
2021-09-09 22:46:39 +00:00

35 lines
1.2 KiB
Diff

From 35fa1c22b6b6f89fd74f31186ec92ec70ed34af2 Mon Sep 17 00:00:00 2001
From: Wen Liang <wenliang@redhat.com>
Date: Wed, 16 Jun 2021 22:43:32 +0200
Subject: [PATCH 1/1] firewall: Default to iptables backend to preserve behavior
For upsteam, the default is "nftables" (if nft is installed). On RHEL8, we will
always default to "iptables" to preserve behavior.
---
src/core/nm-firewall-utils.c | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/src/core/nm-firewall-utils.c b/src/core/nm-firewall-utils.c
index 3f2251569fa0..f2712f3d72ab 100644
--- a/src/core/nm-firewall-utils.c
+++ b/src/core/nm-firewall-utils.c
@@ -744,12 +744,9 @@ nm_firewall_config_apply(NMFirewallConfig *self, gboolean shared)
static NMFirewallBackend
_firewall_backend_detect(void)
{
- if (g_file_test(NFT_PATH, G_FILE_TEST_IS_EXECUTABLE))
- return NM_FIREWALL_BACKEND_NFTABLES;
- if (g_file_test(IPTABLES_PATH, G_FILE_TEST_IS_EXECUTABLE))
- return NM_FIREWALL_BACKEND_IPTABLES;
-
- return NM_FIREWALL_BACKEND_NFTABLES;
+ /* For upsteam, the default is "nftables" (if nft is installed). On RHEL8, we will
+ * always default to "iptables" to preserve behavior. */
+ return NM_FIREWALL_BACKEND_IPTABLES;
}
NMFirewallBackend
--
2.31.1