On Thursday 2014-12-18 14:02, Jörg Thalheim wrote:
>18. Dezember 2014 13:56 Uhr, "Jan Engelhardt" <jengelh@xxxxxxx> schrieb:
>> On Thursday 2014-12-18 13:47, Jörg Thalheim wrote:
>>> +
>>> +nftables_confdir = ${sysconfdir}
>>> +nftables_conf_DATA = nftables.conf
>>
>> Per systemd and distro directions, upstream-provided files should really really be located in /usr,
>> not /etc
>> (this location being reserved for machine- and user-specific tweaks).
>
>This is what the code does (/usr/lib/systemd/system/nftables.service).
>In nftables.conf I have added some dummy rules, because the service file relies on it and
>will fails otherwise which is a bad default.
I mean the shipped nftables.conf, it ought to be installed to
/usr(/share/nftables), similar to systemd services.
If and when the user decides to procure his own rules, he will do so via his
own nftables.conf, then located in /etc and - ideally - overriding the
same-named file in /usr.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
