iptablesHasCheckCommand wrong version check when iptables version is v1.4.21

coreos / go-iptables

Go wrapper around iptables utility

Apache License 2.0

1.11k stars 257 forks source link

iptablesHasCheckCommand wrong version check when iptables version is v1.4.21 #123

Closed oonexdl closed 7 months ago

oonexdl commented 7 months ago

error msg: "running [/usr/sbin/iptables -t filter -C FORWARD -P FORWARD DROP --wait]: exit status 2: iptables v1.4.21: Cannot use -P with -C\n\nTry `iptables -h' or 'iptables --help' for more information.\n"

dandare100 commented 7 months ago

I am not sure what you mean by wrong version check.

The version check looks good

The command itself ("/usr/sbin/iptables -t filter -C FORWARD -P FORWARD DROP --wait") is invalid because it is trying to set a policy and check if a rule exists in a chain at the same time.

oonexdl commented 7 months ago

my fault, wrong rulespec were used when test