increase priority of sysctl conf file (#750)

Prevents GCP cloud platform's default security policy for instances, which uses prefix 60-, from overriding ip_forward. Also future-proofs against any other such default policy.
This commit is contained in:
Dave Eargle 2020-10-20 15:44:52 -06:00 committed by GitHub
parent 197b7b9fb5
commit 2e193e33cb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -891,9 +891,9 @@ verb 3" >>/etc/openvpn/server.conf
mkdir -p /var/log/openvpn
# Enable routing
echo 'net.ipv4.ip_forward=1' >/etc/sysctl.d/20-openvpn.conf
echo 'net.ipv4.ip_forward=1' >/etc/sysctl.d/99-openvpn.conf
if [[ $IPV6_SUPPORT == 'y' ]]; then
echo 'net.ipv6.conf.all.forwarding=1' >>/etc/sysctl.d/20-openvpn.conf
echo 'net.ipv6.conf.all.forwarding=1' >>/etc/sysctl.d/99-openvpn.conf
fi
# Apply sysctl rules
sysctl --system
@ -1266,7 +1266,7 @@ function removeOpenVPN() {
find /root/ -maxdepth 1 -name "*.ovpn" -delete
rm -rf /etc/openvpn
rm -rf /usr/share/doc/openvpn*
rm -f /etc/sysctl.d/20-openvpn.conf
rm -f /etc/sysctl.d/99-openvpn.conf
rm -rf /var/log/openvpn
# Unbound