From 1de12470d37ad0921fc7e27257fe8cfc0da287d5 Mon Sep 17 00:00:00 2001
From: billz
Date: Tue, 24 Mar 2020 11:17:01 +0000
Subject: [PATCH] Replace update rc.local w/ iptables-save
---
 installers/configauth.sh | 28 +++++++---------------------
 1 file changed, 7 insertions(+), 21 deletions(-)
diff --git a/installers/configauth.sh b/installers/configauth.sh
index 1300f8c3..9f4a2a28 100755
--- a/installers/configauth.sh
+++ b/installers/configauth.sh
@@ -22,26 +22,12 @@ if [ "$auth" = 1 ]; then
 fi
 fi
-# Generate iptables entries to place into rc.local file.
-# #RASPAP is for uninstall script
-echo "Checking iptables rules for $interface"
+# Configure NAT and forwarding with iptables
+echo "Adding iptables rules for $interface"
+sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
+sudo iptables -A FORWARD -i tun0 -o $interface -m state --state RELATED,ESTABLISHED -j ACCEPT
+sudo iptables -A FORWARD -i wlan0 -o tun0 -j ACCEPT
-lines=(
-"iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE #RASPAP"
-"iptables -A FORWARD -i tun0 -o $interface -m state --state RELATED,ESTABLISHED -j ACCEPT #RASPAP"
-"iptables -A FORWARD -i wlan0 -o tun0 -j ACCEPT #RASPAP"
-)
-
-for line in "${lines[@]}"; do
- if grep "$line" /etc/rc.local > /dev/null; then
- echo "$line: Line already added"
- else
- sudo sed -i "s/^exit 0$/$line\nexit 0/" /etc/rc.local
- echo "Adding rule: $line"
- fi
-done
-
-# Force a reload of new settings in /etc/rc.local
-sudo systemctl restart rc-local.service
-sudo systemctl daemon-reload
+echo "Persisting IP tables rules"
+sudo iptables-save | sudo tee /etc/iptables/rules.v4 > /dev/null
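Review bot: The three `sudo iptables -A` lines append unconditionally, so each re-run of this installer duplicates the NAT and FORWARD rules in the live ruleset, and the `iptables-save` at the end then writes the duplicates into `/etc/iptables/rules.v4`; the removed loop at least skipped entries already present in rc.local. Guard each append with a check, e.g. `sudo iptables -t nat -C POSTROUTING -o tun0 -j MASQUERADE 2>/dev/null || sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE`, and quote `"$interface"` in the second rule. `iptables-save` dumps the whole live ruleset, so rules loaded by other software at that moment are persisted as well, and the result of `tee` is not checked here, so a missing `/etc/iptables/` directory (presumably created by a persistence package installed elsewhere) would leave the rules unsaved without any message; a `[ -d /etc/iptables ]` test with an error before the save would make that visible. The third rule still hard-codes `wlan0` while the second uses `$interface`, which looks unintended and would leave forwarding asymmetric on any other interface name.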