
Bug 927744

Summary: net-firewall/nftables: support loading config file from /etc
Product: Gentoo Linux
Reporter: Alfred Persson <cat>
Component: Current packages
Assignee: Gentoo's Team for Core System packages <base-system>
Status: UNCONFIRMED ---
Severity: enhancement
CC: klondike, leohdz172, prometheanfire
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
Whiteboard:
Package list:
Runtime testing required: ---

Description Alfred Persson 2024-03-24 18:48:17 UTC
Hi! The current nftables .init-r1 and .service files only support loading rules from a save file in /var/lib/nftables/rules-save. This makes sense when using nftables interactively, but it's a hassle when you want to keep a single config file.

Alpine supports both with their init file: https://git.alpinelinux.org/aports/tree/main/nftables/nftables.initd

Fedora just loads from /etc/nftables/main.nft.

I suggest supporting both like Alpine, but I am unsure if it's best to keep the init files separate.

Reproducible: Always