From ab6b57ca3f8349d6122b87725be46cac95473e3b Mon Sep 17 00:00:00 2001
From: zhangzujian <zhangzujian.7@gmail.com>
Date: Thu, 22 Aug 2024 05:46:18 +0000
Subject: [PATCH] vpc-nat-gateway: use iptables-legacy for centos 7

Signed-off-by: zhangzujian <zhangzujian.7@gmail.com>
---
 dist/images/vpcnatgateway/Dockerfile     | 2 +-
 dist/images/vpcnatgateway/nat-gateway.sh | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/dist/images/vpcnatgateway/Dockerfile b/dist/images/vpcnatgateway/Dockerfile
index 8fd5f6ca94ef..58828094d9d3 100644
--- a/dist/images/vpcnatgateway/Dockerfile
+++ b/dist/images/vpcnatgateway/Dockerfile
@@ -6,7 +6,7 @@ RUN set -ex \
     && apk add --no-cache \
     bash \
     iproute2 \
-    iptables \
+    iptables iptables-legacy \
     iputils \
     tcpdump \
     conntrack-tools
diff --git a/dist/images/vpcnatgateway/nat-gateway.sh b/dist/images/vpcnatgateway/nat-gateway.sh
index 6d75c0408242..eaae9e1a7b7d 100644
--- a/dist/images/vpcnatgateway/nat-gateway.sh
+++ b/dist/images/vpcnatgateway/nat-gateway.sh
@@ -1,5 +1,11 @@
 #!/usr/bin/env bash
 
+# use iptables-legacy for centos 7
+if iptables-legacy -t nat -S INPUT 1 2>/dev/null; then
+    alias iptables=iptables-legacy
+    alias iptables-save=iptables-legacy-save
+fi
+
 function exec_cmd() {
     cmd=${@:1:${#}}
     $cmd