Re: How to create a systemd service that interact with nftables service

To: debian-user@lists.debian.org
Subject: Re: How to create a systemd service that interact with nftables service
From: Nicolas George <george@nsup.org>
Date: Sun, 25 Jun 2023 19:04:21 +0200
Message-id: <[🔎] ZJhzlfDRgMKHs6XN@phare.normalesup.org>
Reply-to: debian-user@lists.debian.org
In-reply-to: <[🔎] ZJhqasY0jhC1IU3a@wooledge.org>
References: <[🔎] E2E2A35A-D4FD-4007-ADFC-DCD7A58930A7@rodier.me> <[🔎] ZJhqasY0jhC1IU3a@wooledge.org>

Greg Wooledge (12023-06-25):
> I think most of the time, this is not done as a systemd service at
> all.  It's usually invoked from the "up" hook when your network interface
> is brought up, assuming you use /etc/network/interfaces.  If you use
> NetworkManager, then I don't know.
> 
> Check interfaces(5) and look for "up", "post-up" and "pre-down".

Linux's firewall is designed so that it can be configured before the
interfaces are up, or even exist. Without that, there would be a short
time with the interface up but no firewall.

Regards,

-- 
  Nicolas George

Attachment: signature.asc
Description: PGP signature

Reply to:

References:
- How to create a systemd service that interact with nftables service
  - From: André Rodier <andre@rodier.me>
- Re: How to create a systemd service that interact with nftables service
  - From: Greg Wooledge <greg@wooledge.org>

Prev by Date: Re: How to create a systemd service that interact with nftables service
Next by Date: Re: How to create a systemd service that interact with nftables service
Previous by thread: Re: How to create a systemd service that interact with nftables service
Next by thread: Re: How to create a systemd service that interact with nftables service
Index(es):
- Date
- Thread