Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#42718 - [sshguard] depends on iptables in service file but not need when using ufw
Attached to Project:
Community Packages
Opened by John (graysky) - Saturday, 08 November 2014, 20:36 GMT
Last edited by Sergej Pupykin (sergej) - Monday, 02 March 2015, 16:23 GMT
Opened by John (graysky) - Saturday, 08 November 2014, 20:36 GMT
Last edited by Sergej Pupykin (sergej) - Monday, 02 March 2015, 16:23 GMT
|
DetailsUFW does not start either iptables.service nor ip6tables.service and works just fine without them. However, this package's sshguard.service is implicitly requiring them to be running which causes errors for users running ufw.
I don't know what the solution is, but the current implementation does not cover all firewall use-cases. Feedback from a knowledgeable person is needed :) * iptables.service - Packet Filtering Framework Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled) Active: failed (Result: exit-code) since Sat 2014-11-08 15:31:30 EST; 1s ago Process: 14934 ExecStart=/usr/bin/iptables-restore /etc/iptables/iptables.rules (code=exited, status=1/FAILURE) Main PID: 14934 (code=exited, status=1/FAILURE) Nov 08 15:31:30 mars systemd[1]: iptables.service: main process exited, code=exited, status=1/FAILURE Nov 08 15:31:30 mars systemd[1]: Failed to start Packet Filtering Framework. Nov 08 15:31:30 mars systemd[1]: Unit iptables.service entered failed state. Nov 08 15:31:30 mars iptables-restore[14934]: Can't open /etc/iptables/iptables.rules: No such file or directory Additional info: * package version(s) sshguard-1.5-16 Steps to reproduce: 1) Install ufw and configure it minimally so it will start and start it. 2) Install sshguard and start it. Now inspect `systemctl` and see the two failures of both iptables.service and ip6tables.service |
This task depends upon
Comment by Sergej Pupykin (sergej) -
Tuesday, 11 November 2014, 16:16 GMT
I've added ufw.service to After= and comment Wants= line. Did not build new package for this fix.
Comment by John (graysky) -
Monday, 02 March 2015, 15:44 GMT
- Field changed: Percent Complete (100% → 0%)
Your trunk changes work for me but why not push into [community]?