Package: netfilter-persistent
Version: 1.0.4+nmu2
Severity: normal
Tags: patch

Currently, if FLUSH_ON_STOP=0 then /usr/sbin/netfilter-persistent stop exits with code 1. Since systemd runs this on stopping netfilter-persistent, the unit goes into a failed state. That causes anything that depends on netfilter-persistent.service to fail.

This behavior seems wrong independently: if FLUSH_ON_STOP=0, then it's not a failure that the rules weren't flushed.

Please consider the attached patch.

Thanks,
Ross

>From aa9404c7908478989cedbd1daa0caea504dc4e6f Mon Sep 17 00:00:00 2001 From: Ross Vandegrift <r...@kallisti.us> Date: Thu, 24 May 2018 11:52:02 -0700 Subject: [PATCH] Make stop succeed when FLUSH_ON_STOP=0 --- netfilter-persistent | 1 - 1 file changed, 1 deletion(-) diff --git a/netfilter-persistent b/netfilter-persistent index 8a3c365..6da593f 100755 --- a/netfilter-persistent +++ b/netfilter-persistent @@ -40,7 +40,6 @@ stop) run_plugins flush else echo "Automatic flush disabled; use '${0} flush'" - exit 1 fi ;; *) -- 2.11.0
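
Review bot: In the else branch of stop), once `exit 1` is removed nothing in the hunk sets the exit status for the FLUSH_ON_STOP=0 case, so the result depends on the code after the case statement, which is not shown here. Consider confirming that the script falls through to a zero status, or end the branch with an explicit `exit 0`, and add a short comment that leaving the rules loaded on stop is the intended outcome of this setting. The commit message also has only a subject line; a body carrying the reason given in the report (systemd marks the unit failed when stop exits 1) would help later readers of the history.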