Thank you! I forwarded your review in form of bug reports to the affected projects. [1] [2]
Lennart Poettering: > On Thu, 28.07.16 17:29, Patrick Schleizer (patrick-mailingli...@whonix.org) > wrote: > >> TLDR: >> >> How to securely load a firewall before networking gets up? >> >> Can you provide a secure, recommended or even canonical example of such >> a firewall.service? > > See https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/ With all due respect, I do not think this is a case of read the manual here. I did read that also before posting this question. I am sure also rustybird, the author of the second systemd unit file I posted in this subject, also read that before. As rustybird (who also once submitted a systemd patch wrt network-pre.target) pointed out, the author of netfilter-persistent also got it wrong. [1] Having explained this, I would like to reiterate my my request... Can you provide a secure, recommended or even canonical example of such a firewall.service? Cheers, Patrick [1] https://github.com/rustybird/corridor/issues/29 [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832911 [3] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829640 _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
