From 2e193e33cb6843db9f4a027241c4ddf3a5dbfb0b Mon Sep 17 00:00:00 2001
From: Dave Eargle
Date: Tue, 20 Oct 2020 15:44:52 -0600
Subject: [PATCH] increase priority of sysctl conf file (#750)

Prevents GCP cloud platform's default security policy for instances, which uses prefix 60-, from overriding ip_forward. Also future-proofs against any other such default policy.
---
 openvpn-install.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/openvpn-install.sh b/openvpn-install.sh
index 0e1671d..9269680 100755
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -891,9 +891,9 @@ verb 3" >>/etc/openvpn/server.conf
 mkdir -p /var/log/openvpn

 # Enable routing
- echo 'net.ipv4.ip_forward=1' >/etc/sysctl.d/20-openvpn.conf
+ echo 'net.ipv4.ip_forward=1' >/etc/sysctl.d/99-openvpn.conf
 if [[ $IPV6_SUPPORT == 'y' ]]; then
- echo 'net.ipv6.conf.all.forwarding=1' >>/etc/sysctl.d/20-openvpn.conf
+ echo 'net.ipv6.conf.all.forwarding=1' >>/etc/sysctl.d/99-openvpn.conf
 fi
 # Apply sysctl rules
 sysctl --system
@@ -1266,7 +1266,7 @@ function removeOpenVPN() {
 find /root/ -maxdepth 1 -name "*.ovpn" -delete
 rm -rf /etc/openvpn
 rm -rf /usr/share/doc/openvpn*
- rm -f /etc/sysctl.d/20-openvpn.conf
+ rm -f /etc/sysctl.d/99-openvpn.conf
 rm -rf /var/log/openvpn

 # Unbound
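Review bot: The `99-` prefix in the first hunk (`@@ -891,9 +891,9 @@`) is unexplained in the script itself, so a later maintainer has no hint that the number is load-bearing; I would extend the comment to something like `# Enable routing; 99- prefix so lower-numbered distro/cloud defaults (e.g. GCP's 60-* policy) cannot reset forwarding`. Since this deliberately overrides a platform hardening default, the result is worth confirming rather than assuming: as far as I know `sysctl --system` still reads `/etc/sysctl.conf` after the `sysctl.d` files, so an admin's `net.ipv4.ip_forward=0` there would still win silently. A check such as `[[ $(sysctl -n net.ipv4.ip_forward) == 1 ]] || echo "WARNING: IPv4 forwarding is still disabled"` after `sysctl --system` would surface that. The enclosing install function starts and ends outside the hunk.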
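Review bot: In the second hunk (`removeOpenVPN`, `@@ -1266,7 +1266,7 @@`) the uninstall path now deletes only `99-openvpn.conf`, so a host installed with a script version from before this commit keeps `/etc/sysctl.d/20-openvpn.conf` after removal, and IP forwarding stays persistently enabled on a machine that no longer runs the VPN. Removing both names covers the upgrade case: `rm -f /etc/sysctl.d/20-openvpn.conf /etc/sysctl.d/99-openvpn.conf`. Whether the rest of removeOpenVPN resets the running value of the forwarding sysctls is not visible here, since the function body continues outside the hunk.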