From 72b800034715bf1d580e216584891e00cc6386d1 Mon Sep 17 00:00:00 2001 From: Christer Edwards Date: Wed, 21 Jun 2023 20:34:19 -0600 Subject: [PATCH] fix rdr issue detecting IP6 when disabled or not set --- usr/local/share/bastille/rdr.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/usr/local/share/bastille/rdr.sh b/usr/local/share/bastille/rdr.sh index 0480af0a..9ae55596 100644 --- a/usr/local/share/bastille/rdr.sh +++ b/usr/local/share/bastille/rdr.sh @@ -76,11 +76,12 @@ check_jail_validity() { fi # Check if jail ip6 address (ip6.addr) is valid (non-VNET only) if [ "$(bastille config $TARGET get vnet)" != 'enabled' ]; then - if [ "$(bastille config $TARGET get ip6)" != 'disabled' ]; then - JAIL_IP6=$(/usr/sbin/jls -j "${TARGET}" ip6.addr 2>/dev/null) - fi + if [ "$(bastille config $TARGET get ip6)" != 'disabled' ] && [ "$(bastille config $TARGET get ip6)" != 'not set' ]; then + JAIL_IP6=$(/usr/sbin/jls -j "${TARGET}" ip6.addr 2>/dev/null) + fi fi + # Check if rdr-anchor is defined in pf.conf if ! (pfctl -sn | grep rdr-anchor | grep 'rdr/\*' >/dev/null); then error_exit "rdr-anchor not found in pf.conf"