2014-06-10 19:44 GMT+02:00 Lennart Poettering <lenn...@poettering.net>: > I figure we don't really need network-pre.target, as units that want to > run before the network is up should just use: > > Before=systemd-networkd.service basic.target > > THis is enough since network management services like > NM are normal services, and networkd is the exception in being available > from earliest boot on, including in the initrd. This means, that any > firewall service that wants to cover this must be a early-boot service > (i.e. DefaultDependencies=no), and thus ordering itself before networkd > and basic.target should suffice...
Fwiw, I noticed that we already have a few firewall services using Before=network.target, specifically - firewalld - pyroman - iptables-persistent - shorewall - arno-iptables-firewall - netscript See [1]. I guess that means they are all broken atm and standardizing on a upstream provided target would make sense. Cheers, Michael [1] http://codesearch.debian.net/search?q=Before%3D.*network.target -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
