
Re: Error including file in nftables.conf



On Tue, Oct 4, 2022 at 2:32 AM Anssi Saari <as@sci.fi> wrote:
Dave Parker <dparker@utica.edu> writes:

> So, I copied /lib/systemd/system/nftables.service to /etc/systemd/system/nftables.service, set
> ProtectHome=false, ran "systemctl daemon-reload", and now it works!

Well, good, but why not put configuration data in /etc instead of /root
where it belongs and keep the service as is?

Personally I have my main or common rules in /etc/nftables.conf and have
in there include "/etc/nftables.conf.d/*" so that I can add extra input
rules for different computers.


You're right that it probably should just go in /etc/nftables.conf.  This was mostly just for testing; I had a fairly large ruleset in a file which was converted from an iptables script on another server, and instead of pasting that all into nftables.conf, I was hoping to keep it separate and use include to read it.  Moving that to a location other than /root is the solution. Thanks!
