Only use iptable to block xml.cisco.com on Ubuntu Focal.

GNS3 · Apr 20, 2024 · faf7e09 · faf7e09
1 parent 4959a51
commit faf7e09
Showing 1 changed file with 11 additions and 4 deletions.
diff --git a/scripts/remote-install.sh b/scripts/remote-install.sh
@@ -198,10 +198,17 @@ then
     dd if=/dev/zero bs=4 count=1 of=/etc/hostid
 
     # Block potential IOU phone home call (xml.cisco.com is not in use at this time)
-    iptables -I OUTPUT -p udp --dport 53 -m string --hex-string "|03|xml|05|cisco|03|com" --algo bm -j DROP
-    echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections
-    echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections
-    apt-get install -y iptables-persistent
+    log "Block IOU phone home call"
+    if [ "$UBUNTU_CODENAME" == "focal" ]
+    then
+      iptables -I OUTPUT -p udp --dport 53 -m string --hex-string "|03|xml|05|cisco|03|com" --algo bm -j DROP
+      echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections
+      echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections
+      apt-get install -y iptables-persistent
+    else
+      echo "127.0.0.254 xml.cisco.com" | tee --append /etc/hosts
+    fi
+
 fi
 
 log "Add gns3 to the kvm group"