Dave Parker <dpar...@utica.edu> writes:

> So, I copied /lib/systemd/system/nftables.service to
> /etc/systemd/system/nftables.service, set
> ProtectHome=false, ran "systemctl daemon-reload", and now it works!

Well, good, but why not put configuration data in /etc instead of /root where it belongs and keep the service as is? Personally I have my main or common rules in /etc/nftables.conf and have in there include "/etc/nftables.conf.d/*" so that I can add extra input rules for different computers.
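
The layout described in the reply above, as an added example that is not part of the original message: a common ruleset in /etc/nftables.conf plus one drop-in file under /etc/nftables.conf.d/, so the packaged nftables.service can stay unmodified. The table and chain names, the individual rules and the drop-in file name are assumptions made for illustration.

```nft
#!/usr/sbin/nft -f
# ---- file: /etc/nftables.conf (constructed sample) ----
# Common rules shared by every machine.
flush ruleset

table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;

        ct state established,related accept
        ct state invalid drop
        iif "lo" accept
        meta l4proto { icmp, ipv6-icmp } accept
    }
}

# Host-specific additions. With a wildcard, matching files are loaded in
# alphabetical order and an empty directory is not an error.
include "/etc/nftables.conf.d/*"

# ---- file: /etc/nftables.conf.d/10-ssh.nft (hypothetical name, separate file) ----
# Present only on machines that should accept SSH. "add rule" appends to
# the chain defined in the main file, so the include must come after it.
add rule inet filter input tcp dport 22 accept
```

Running `nft -c -f /etc/nftables.conf` parses the main file together with its includes without applying anything, which catches a broken drop-in before the service is restarted.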