From: You Yu Lu <zxc70208@gmail.com>
To: netfilter@vger.kernel.org
Subject: Unit dependency of network-pre.target in nftables.service
Date: Fri, 1 Dec 2023 12:50:14 +0100 [thread overview]
Message-ID: <CAA=+QiiS_FZnaGNjx7kGYqJgkMTE48z7nHn1VREcV4PoD3GyZQ@mail.gmail.com> (raw)
Hello netfilter community,
I have a question regarding the dependency of nftables.service.
OS version: Ubuntu 22.04.1 LTS
nftable package version: 1.0.2-1ubuntu2
In the default nftables.service unit file, it has a default dependency
that it needs to be started before network-pre.target at boot. Based
on my understanding, nftable rule are loaded before the network
interfaces are configured.
# /lib/systemd/system/nftables.service
[Unit]
Description=nftables
Documentation=man:nft(8) http://wiki.nftables.org
Wants=network-pre.target
Before=network-pre.target shutdown.target
Conflicts=shutdown.target
DefaultDependencies=no
What is the reason to start nftable service before networkd configured
by default?
Is this the intended behavior for nftable? Or is it fine to modify the
service unit file and change the dependency to fit different use
cases?
Thank you in advance.
Best regards,
You-Yu Lu
next reply other threads:[~2023-12-01 11:50 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-01 11:50 You Yu Lu [this message]
2023-12-01 12:06 ` Unit dependency of network-pre.target in nftables.service Kevin P. Fleming
2023-12-01 13:15 ` Reindl Harald
2023-12-01 13:43 ` Serg
2023-12-01 13:59 ` Kevin P. Fleming
2023-12-01 14:04 ` Reindl Harald
2023-12-01 14:12 ` Serg
2023-12-01 15:16 ` Reindl Harald
[not found] ` <CAOLfK3Wh+fhZZG-2c79q-1E-0St2i1cdikNR9WrK34OGqBrcsQ@mail.gmail.com>
2023-12-01 15:27 ` Reindl Harald
2023-12-04 13:54 ` You Yu Lu
2023-12-15 12:12 ` Kevin P. Fleming
2023-12-20 9:40 ` You Yu Lu
2023-12-20 11:15 ` Kevin P. Fleming
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAA=+QiiS_FZnaGNjx7kGYqJgkMTE48z7nHn1VREcV4PoD3GyZQ@mail.gmail.com' \
--to=zxc70208@gmail.com \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).