On 20 March 2015 at 10:53, Jörg Thalheim <joerg@xxxxxxxxxxxxx> wrote: > The last PATCH was rejected, because it has added an integration script. > This PATCH however only adds a service file, with no other dependency but the > userpace nft program. > Again, my opinion is: this belongs to distributions. > my motivation was the following: > > - Providing a service file upstream hopefully lead to consistent behaviour across distributions > - The people, who know how to deal with nft, are usually the upstream developer itself > - The provided service should be reusable without any modification in any distribution > and should preserve maintainers from reinventing the wheel all the time > (debian currently does not provide atomic reloading in sid for example; > archlinux does, but it doesn't set ProtectSystem and ProtectHome) > It turns out that the debian package do reload the ruleset atomically. We can further discuss the debian stuff in other place though. -- Arturo Borrero González -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
