From 9271f63dd98c55fee8f109bef11ddf8cc519ef51 Mon Sep 17 00:00:00 2001
From: gyurix <gyurix@gmail.com>
Date: Tue, 18 Nov 2025 23:21:31 +0100
Subject: [PATCH] remove nftables installation from Dockerfile and clean up
 firewall-add script

---
 Dockerfile            | 2 +-
 firewall/firewall-add | 3 ---
 2 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 9668fad..b3e010e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
 FROM alpine
 
-RUN apk add --update --no-cache iptables iptables-legacy openssl jq curl ca-certificates busybox-extras docker-cli nftables
+RUN apk add --update --no-cache iptables iptables-legacy openssl jq curl ca-certificates busybox-extras docker-cli
 COPY firewall/ /firewall/
 CMD firewall/iptables-wrapper-installer.sh && /firewall/firewall-add
diff --git a/firewall/firewall-add b/firewall/firewall-add
index 966ab64..c6e4458 100755
--- a/firewall/firewall-add
+++ b/firewall/firewall-add
@@ -484,9 +484,6 @@ for source_ip_index in $(seq 1 $COUNT_SOURCE_IP); do
                         else
                             debug "$IPTABLES -I $CHAIN -p $PROTOCOL $IPTABLES_OPTIONS -m comment --comment "$COMMENT" -j ACCEPT"
                             $IPTABLES -w -I $CHAIN -p $PROTOCOL $IPTABLES_OPTIONS -m comment --comment "$COMMENT" -j ACCEPT
-                            if [ "$IPTABLES" == "/usr/sbin/iptables" ]; then
-                                /usr/sbin/nft delete table ip raw 2>/dev/null || true
-                            fi
                         fi
                     fi
                     #############################