diff --git a/nftables.go b/nftables.go index 06d5e1c3..6a6754ce 100644 --- a/nftables.go +++ b/nftables.go @@ -166,7 +166,13 @@ func (n *nft) Add(decision *models.Decision) error { return nil } } else { // ipv4 - if err := n.conn.SetAddElements(n.set, []nftables.SetElement{{Key: []byte(net.ParseIP(*decision.Value).To4())}}); err != nil { + var ipAddr string + if strings.Contains(*decision.Value, "/") { + ipAddr = strings.Split(*decision.Value, "/")[0] + } else { + ipAddr = *decision.Value + } + if err := n.conn.SetAddElements(n.set, []nftables.SetElement{{Key: []byte(net.ParseIP(ipAddr).To4())}}); err != nil { return err } if err := n.conn.Flush(); err != nil { diff --git a/scripts/install.sh b/scripts/install.sh index 9d38a5ab..021d489e 100644 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -22,20 +22,10 @@ check_iptables() { } -check_apikeygen() { - echo "if you are on a single-machine setup, do you want the wizard to configure your API key ? (Y/n)" - echo "(note: if you didn't understand the question, 'Y' might be a safe answer)" - read answer - if [[ ${answer} == "" ]]; then - answer="y" - fi - if [ "$answer" != "${answer#[Yy]}" ] ;then - SUFFIX=`tr -dc A-Za-z0-9 "${CONFIG_DIR}cs-firewall-bouncer.yaml" - else - echo "For your bouncer to be functionnal, you need to create an API key and set it in the ${CONFIG_DIR}cs-firewall-bouncer.yaml file" - fi; +gen_apikey() { + SUFFIX=`tr -dc A-Za-z0-9 "${CONFIG_DIR}cs-firewall-bouncer.yaml" } check_ipset() { @@ -68,5 +58,5 @@ check_iptables check_ipset echo "Installing firewall-bouncer" install_firewall_bouncer -check_apikeygen +gen_apikey echo "The firewall-bouncer service has been installed!"