
I use nftables as my firewall and set up the nftables.conf today. My
firewall rules are based on whitelisting. Everything is dropped from
INPUT and FORWARD as long as there is no specific rule for it. For
my libvirt network interface virbr1 there are also some rules. I
enabled the nftables.service so my firewall gets set up on startup.

Now there is a problem. The libvirt network interfaces are not
available this early in boot state. The nftables.service fails
because it can't find the virbr1.

UNIT settings for the nftables.service:
   Before=network-pre.target shutdown.target

What is a good way to fix this problem?
