FS#42066 - iptables: Wrong syntax in iptables-restore
Attached to Project:
Arch Linux
Opened by Noel Kuntze (thermi) - Monday, 22 September 2014, 12:39 GMT
Last edited by Gerardo Exequiel Pozzi (djgera) - Sunday, 27 March 2016, 15:57 GMT
Opened by Noel Kuntze (thermi) - Monday, 22 September 2014, 12:39 GMT
Last edited by Gerardo Exequiel Pozzi (djgera) - Sunday, 27 March 2016, 15:57 GMT
|
Details
Description:
The syntax used in the systemd.unit for iptables uses the wrong syntax of iptables-restore. iptables-restore doesn't accept a file name as source of the rules. The rules are provided to the program by piping them into stdin. Hence ExecStart and ExecReload should use "/usr/bin/sh -c '/usr/bin/iptables-restore < /etc/iptables/iptables.rules'" Additional info: Package version: 1.4.21-1 |
This task depends upon
Closed by Gerardo Exequiel Pozzi (djgera)
Sunday, 27 March 2016, 15:57 GMT
Reason for closing: Upstream
Sunday, 27 March 2016, 15:57 GMT
Reason for closing: Upstream
That causes confusion if users start debugging their ruleset and look at the service file.
That just happened to me. That's why I reported it.