diff options
| author |   Nicholas Vinson <nvinson234@gmail.com> | 2015-11-03 01:07:43 -0500 |
|---|---|---|
| committer | Nicholas Vinson <nvinson234@gmail.com> | 2015-11-03 01:11:27 -0500 |
| commit | 82337cf9c4e23a9b0723916e65927bb3e48b685e (patch) | |
| tree | 7e1c2b19d13627b84ac6eb0a01a5494adeeaa7cc /net-firewall | |
| parent | net-firewall/nftables: update nftables.init to use new libexec/nftables.sh (diff) | |
| download | gentoo-82337cf9c4e23a9b0723916e65927bb3e48b685e.tar.gz gentoo-82337cf9c4e23a9b0723916e65927bb3e48b685e.tar.bz2 gentoo-82337cf9c4e23a9b0723916e65927bb3e48b685e.zip | |
net-firewall/nftables: Create systemd unit files
Package-Manager: portage-2.2.23
Diffstat (limited to 'net-firewall')
3 files changed, 31 insertions, 0 deletions
diff --git a/net-firewall/nftables/files/systemd/nftables-restore.service b/net-firewall/nftables/files/systemd/nftables-restore.service new file mode 100644 index 000000000000..7a7eacfee9f3 --- /dev/null +++ b/net-firewall/nftables/files/systemd/nftables-restore.service @@ -0,0 +1,14 @@ +[Unit] +Description=Restore nftables firewall rules +# if both are queued for some reason, don't store before restoring :) +Before=nftables-store.service +# sounds reasonable to have firewall up before any of the services go up +Before=network.target +Conflicts=shutdown.target + +[Service] +Type=oneshot +ExecStart=/usr/libexec/nftables/nftables.sh load /var/lib/nftables/rules-save + +[Install] +WantedBy=basic.target diff --git a/net-firewall/nftables/files/systemd/nftables-store.service b/net-firewall/nftables/files/systemd/nftables-store.service new file mode 100644 index 000000000000..373f8b947d7d --- /dev/null +++ b/net-firewall/nftables/files/systemd/nftables-store.service @@ -0,0 +1,11 @@ +[Unit] +Description=Store nftables firewall rules +Before=shutdown.target +DefaultDependencies=No + +[Service] +Type=oneshot +ExecStart=/usr/libexec/nftables/nftables.sh store /var/lib/nftables/rules-save + +[Install] +WantedBy=shutdown.target diff --git a/net-firewall/nftables/files/systemd/nftables.service b/net-firewall/nftables/files/systemd/nftables.service new file mode 100644 index 000000000000..d6f05c7cf467 --- /dev/null +++ b/net-firewall/nftables/files/systemd/nftables.service @@ -0,0 +1,6 @@ +[Unit] +Description=Store and restore nftables firewall rules + +[Install] +Also=nftables-store.service +Also=nftables-restore.service |