[pkg-netfilter-team] Bug#1054333: Please either provide nftables-bin package or make service conditional
Josh Triplett
josh at joshtriplett.org
Sun Oct 22 07:23:57 BST 2023
Package: nftables
Severity: wishlist
X-Debbugs-Cc: josh at joshtriplett.org
There are two potential reasons to install the nftables package: to have
it run at boot time, or to run the nft tool manually. If only doing the
latter and not the former, the service is not necessarily desirable.
Please consider either:
- shipping an nftables-bin package that just provides nft but not the
system service, or
- making the systemd unit use ConditionPathExists=/etc/nftables.conf ,
so that it does nothing if the script does not exist, and then
removing the default configuration file and shipping it as an example
in /usr/share/doc/nftables.
The latter seems easier. This would make it easy to install nftables and
use nft without changing anything about system boot, and then still
easily create /etc/nftables.conf and have it work automatically.
Thank you.
More information about the pkg-netfilter-team
mailing list