update node selector in Drone configuration and add nftables to Dockerfile
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
gyurix
@@ -3,7 +3,7 @@ type: kubernetes
|
|||||||
name: default
|
name: default
|
||||||
|
|
||||||
node_selector:
|
node_selector:
|
||||||
physical-node: dev2
|
physical-node: dev1
|
||||||
|
|
||||||
trigger:
|
trigger:
|
||||||
branch:
|
branch:
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
FROM alpine
|
FROM alpine
|
||||||
|
|
||||||
RUN apk add --update --no-cache iptables iptables-legacy openssl jq curl ca-certificates busybox-extras docker-cli
|
RUN apk add --update --no-cache iptables iptables-legacy openssl jq curl ca-certificates busybox-extras docker-cli nftables
|
||||||
COPY firewall/ /firewall/
|
COPY firewall/ /firewall/
|
||||||
CMD firewall/iptables-wrapper-installer.sh && /firewall/firewall-add
|
CMD firewall/iptables-wrapper-installer.sh && /firewall/firewall-add
|
||||||
|
|||||||
@@ -484,6 +484,9 @@ for source_ip_index in $(seq 1 $COUNT_SOURCE_IP); do
|
|||||||
else
|
else
|
||||||
debug "$IPTABLES -I $CHAIN -p $PROTOCOL $IPTABLES_OPTIONS -m comment --comment "$COMMENT" -j ACCEPT"
|
debug "$IPTABLES -I $CHAIN -p $PROTOCOL $IPTABLES_OPTIONS -m comment --comment "$COMMENT" -j ACCEPT"
|
||||||
$IPTABLES -w -I $CHAIN -p $PROTOCOL $IPTABLES_OPTIONS -m comment --comment "$COMMENT" -j ACCEPT
|
$IPTABLES -w -I $CHAIN -p $PROTOCOL $IPTABLES_OPTIONS -m comment --comment "$COMMENT" -j ACCEPT
|
||||||
|
if [ "$IPTABLES" == "/usr/sbin/iptables" ]; then
|
||||||
|
/usr/sbin/nft delete table ip raw 2>/dev/null || true
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
#############################
|
#############################
|
||||||
|
|||||||
Reference in New Issue
Block a user