From 60f6e03edeea7b94b57c7beb86cc8256e3ce0b87 Mon Sep 17 00:00:00 2001
From: Adam Schultz <adam.schultz@live.com>
Date: Sat, 5 Oct 2024 18:33:18 -0400
Subject: [PATCH 1/2] Detect nftables/iptables-legacy and switch ubuntu
 alternatives as needed

---
 fs/etc/services.d/nordvpn/run | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/fs/etc/services.d/nordvpn/run b/fs/etc/services.d/nordvpn/run
index d03d70e..060a08d 100644
--- a/fs/etc/services.d/nordvpn/run
+++ b/fs/etc/services.d/nordvpn/run
@@ -1,5 +1,28 @@
 #!/bin/bash
 
+legacy_supported=$(lsmod | grep ip_tables >/dev/null 2>&1 && echo yes || echo no)
+nft_supported=$(lsmod | grep nf_tables >/dev/null 2>&1 && echo yes || echo no)
+if [ -z "$IPTABLES" ] ; then
+	if [ x$nft_supported = xyes ] ; then
+		update-alternatives --set iptables /usr/sbin/iptables-nft
+	else
+		update-alternatives --set iptables /usr/sbin/iptables-legacy
+	fi
+elif [ x$IPTABLES = xnft ] ; then
+	if [ x$nft_supported = xyes ] ; then
+		update-alternatives --set iptables /usr/sbin/iptables-nft
+	else
+		update-alternatives --set iptables /usr/sbin/iptables-legacy
+	fi
+elif [ x$IPTABLES = xlegacy ] ; then
+	if [ x$legacy_supported = xyes ] ; then
+		update-alternatives --set iptables /usr/sbin/iptables-legacy
+	else
+		update-alternatives --set iptables /usr/sbin/iptables-nft
+	fi
+fi
+
+
 if [[ ! -d /run/nordvpn ]]; then
   mkdir -m 0770 /run/nordvpn
 fi

From 606d84559eb677aff36520719f0d0daa280f575b Mon Sep 17 00:00:00 2001
From: Adam Schultz <adam.schultz@live.com>
Date: Sun, 6 Oct 2024 09:12:38 -0400
Subject: [PATCH 2/2] Simplify checking since we're not logging individual
 actions/values

---
 fs/etc/services.d/nordvpn/run | 17 +++++------------
 1 file changed, 5 insertions(+), 12 deletions(-)

diff --git a/fs/etc/services.d/nordvpn/run b/fs/etc/services.d/nordvpn/run
index 060a08d..bf9cded 100644
--- a/fs/etc/services.d/nordvpn/run
+++ b/fs/etc/services.d/nordvpn/run
@@ -2,27 +2,20 @@
 
 legacy_supported=$(lsmod | grep ip_tables >/dev/null 2>&1 && echo yes || echo no)
 nft_supported=$(lsmod | grep nf_tables >/dev/null 2>&1 && echo yes || echo no)
-if [ -z "$IPTABLES" ] ; then
-	if [ x$nft_supported = xyes ] ; then
-		update-alternatives --set iptables /usr/sbin/iptables-nft
-	else
+if [ x$IPTABLES = xlegacy ] ; then
+	if [ x$legacy_supported = xyes ] ; then
 		update-alternatives --set iptables /usr/sbin/iptables-legacy
+	else
+		update-alternatives --set iptables /usr/sbin/iptables-nft
 	fi
-elif [ x$IPTABLES = xnft ] ; then
+else
 	if [ x$nft_supported = xyes ] ; then
 		update-alternatives --set iptables /usr/sbin/iptables-nft
 	else
 		update-alternatives --set iptables /usr/sbin/iptables-legacy
 	fi
-elif [ x$IPTABLES = xlegacy ] ; then
-	if [ x$legacy_supported = xyes ] ; then
-		update-alternatives --set iptables /usr/sbin/iptables-legacy
-	else
-		update-alternatives --set iptables /usr/sbin/iptables-nft
-	fi
 fi
 
-
 if [[ ! -d /run/nordvpn ]]; then
   mkdir -m 0770 /run/nordvpn
 fi