mirror of
https://github.com/ChuckBuilds/LEDMatrix.git
synced 2026-05-03 05:52:59 +00:00
baebe4f5f7
Tested on devpi (Trixie, NM 1.52.1): iptables is not installed; nftables is.
The original code called _setup_iptables_redirect() and treated 'iptables not
found' as a hard failure, rolling back the entire AP setup.
Changes:
- _setup_iptables_redirect() now tries iptables first, then nftables as a
fallback. When neither is available it logs a warning and returns True so
the AP still comes up (DNS spoofing still triggers the captive portal popup;
users land on port 5000 directly instead of being auto-redirected from 80).
- Split into _setup_iptables_redirect_iptables() and
_setup_iptables_redirect_nftables() for clarity.
- Added _redirect_backend instance var ("iptables" | "nftables" | None) so
_teardown_iptables_redirect() uses the same tool that setup used.
- nftables teardown: deletes the 'ledmatrix' table (clean, no leftover rules).
- iptables teardown: unchanged logic (ip_forward save/restore).
- Also removed the PMF workaround for Trixie: 802-11-wireless-security.pmf
requires key-mgmt to also be set, breaking open-network creation on NM 1.52+.
Open APs have no management frame protection by definition.
- Update teardown test to set _redirect_backend = "iptables" before calling it.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>