Unable to chain iptables command in pre_up

DefGuard / gateway

Defguard gateway

Other

19 stars 2 forks source link

Unable to chain iptables command in pre_up #89

Closed Netherwhal closed 5 months ago

Netherwhal commented 5 months ago

defguard-gateway[22075]: [2024-03-24T16:40:21Z INFO  defguard_gateway] Executing specified PRE_UP command: iptables -A FORWARD -i wg0 -o eth0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
defguard-gateway[22075]: [2024-03-24T16:40:21Z ERROR defguard_gateway] Error executing command. Stderr:
defguard-gateway[22075]:     Bad argument `iptables'
defguard-gateway[22075]:     Try `iptables -h' or 'iptables --help' for more information.

teon commented 5 months ago

doing commands with ";" one assumes that there is a shell execution (the ";" commands separator is a shell functionality). We do not use a shell. If you would like to have multiple commands please create a script an then add this to pre/post: /path/tp/shell /path/to/script/as/argument

Netherwhal commented 5 months ago

my bad, this was example config: https://github.com/DefGuard/gateway/blob/main/example-config.toml#L31

teon commented 5 months ago

Ok so it's our bug ;-) sorry about that! will correct the example

teon commented 5 months ago

Fixed the documentation.