From 34de8084d7436f97d637d45a734eccfb8a802fe3 Mon Sep 17 00:00:00 2001
From: Samson-W <samson@hardenedlinux.org>
Date: Mon, 2 Nov 2020 21:56:30 +0800
Subject: [PATCH] Modify apply method of 14.1

---
 bin/hardening/14.1_security_related_NAT_slipstreaming.sh | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/bin/hardening/14.1_security_related_NAT_slipstreaming.sh b/bin/hardening/14.1_security_related_NAT_slipstreaming.sh
index 91b9e4b..02038ac 100755
--- a/bin/hardening/14.1_security_related_NAT_slipstreaming.sh
+++ b/bin/hardening/14.1_security_related_NAT_slipstreaming.sh
@@ -70,7 +70,12 @@ apply () {
         		ok "$SYSCTL_PARAM correctly set to $SYSCTL_EXP_RESULT"
     		fi
 	else
-		echo "$SYSCTL_PARAM = $SYSCTL_EXP_RESULT" >> /etc/sysctl.conf
+		warn "/proc/sys/net/netfilter/nf_conntrack_helper is not exist, just set $SYSCTL_PARAM = $SYSCTL_EXP_RESULT to /etc/sysctl.conf"
+		if [ $(grep "^$SYSCTL_PARAM = $SYSCTL_EXP_RESULT" /etc/sysctl.conf | wc -l) -eq 0 ]; then
+			echo "$SYSCTL_PARAM = $SYSCTL_EXP_RESULT" >> /etc/sysctl.conf
+		else
+			:
+		fi
 	fi
 }