Bug#984570: orphan-sysvinit-scripts: nftables interaction with local iptables script
Matthew Vernon
matthew at debian.org
Fri Mar 5 10:55:39 GMT 2021
Hi,
> I just got orphan-sysvinit-scripts pulled in on a few boxes where I
> happen to have nftables installed but rules are still defined and
> loaded by iptables, called by a locally-defined init script.
I'm slightly confused by your report, sorry. Historically nftables did
have a sysvinit script (though it was removed from the package in a
previous version).
You installed a version of nftables without a sysvinit script on a
sysvinit system, and made your own sysvinit script for it that you
didn't call /etc/init.d/nftables ?
And you installed your nftables config somewhere that wasn't the
expected location /etc/nftables.conf ?
The init script that used to ship with nftables had the following init info:
# Required-Start: $local_fs $network $remote_fs $syslog
# Required-Stop: $local_fs $remote_fs $syslog
# Default-Start:
# Default-Stop: 0 1 2 3 4 5 6
# Short-Description: nftables firewall service
# Description: nftables firewall system service
Which is not quite the same as the version in orphan-sysvinit-scripts.
Regards,
Matthew
More information about the Debian-init-diversity
mailing list