Closed LucaOonk closed 1 year ago
netclient defaults to iptables unless nftables is present on the host, assumption being that latest firewall tool installed is to be used. This assumption may need to be revisited.
If I understand correctly, when nfttables is deleted before enrolling the node it will use iptables, correct?
Update:
I tested this and it seems to work: removing nftables and then enrolling the node indeed defaults to iptables
I had some idea's how to "fix" this:
Hi @mattkasun,
I have made a fix for this issue, and made a pull request. https://github.com/gravitl/netmaker/pull/1696
I hope this will be merged in the next version of netclient.
As the pull request is approved this issue can be closed.
What happened?
When adding a new Node it defaults to use the
nfttables
infirewallinuse
, even though the active firewall isiptables
. When this node is made an ingress-node this machine becomes unresponsive, and can not be reached. Requiring the following to make the machine work again:The workaround I found was make an api call to change the
firewallinuse
and then make the node an ingress:My guess is that this is not intended and could be prevented. For example, check the current firewall when the node is added. Maybe this kind of advanced info could be shown in a special tab for each node? This would greatly help troubleshoot stuff like this!
Version v0.16.0 server v0.16.0 netclient
What OS are you using? Linux
Relevant log output No response
Contributing guidelines Yes, I did.