ufw masquerade config not idempotent
Bug #1530899 reported by
David Brownlee
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu Server Guide |
New
|
Undecided
|
Unassigned |
Bug Description
Step 2 of the "IP Masquerade" section of https:/
# nat Table rules
*nat
:POSTROUTING ACCEPT [0:0]
# Forward traffic from eth1 through eth0.
-A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
# don't delete the 'COMMIT' line or these nat table rules won't be processed
COMMIT
Because this always appends, every time you run "systemctl reload ufw.service", a duplicate line is added to POSTROUTING. You can use -F on a line by itself to flush POSTROUTING first.
To post a comment you must log in.