main/nftables: moved from testing

Since linux 3.18 the elaborate clear logic is no longer needed. Replace it with the safer: nft flush ruleset
author: Eivind Uggedal <eivind@uggedal.com> 2015-09-15 15:42:22 +0000
committer: Eivind Uggedal <eivind@uggedal.com> 2015-09-15 15:48:25 +0000
commit: 1ab972294e757a1e38b1123f023e96a94cb409fb (patch)
tree: 348debb9b0f043e49c62bfc209b96eab19ef4e15 /main/nftables/nftables.confd
parent: 2a866db42b298ebc0b7d3b5640619e9788d4d135 (diff)
download: aports-1ab972294e757a1e38b1123f023e96a94cb409fb.tar.bz2
aports-1ab972294e757a1e38b1123f023e96a94cb409fb.tar.xz
1 files changed, 19 insertions, 0 deletions
diff --git a/main/nftables/nftables.confd b/main/nftables/nftables.confd
new file mode 100644
index 0000000000..8048a2ad8e
--- /dev/null
+++ b/main/nftables/nftables.confd
@@ -0,0 +1,19 @@
+# /etc/conf.d/nftables
+
+# Location in which nftables initscript will save set rules on
+# service shutdown
+NFTABLES_SAVE="/var/lib/nftables/rules-save"
+
+# Options to pass to nft on save
+SAVE_OPTIONS="-n"
+
+# Save state on stopping nftables
+SAVE_ON_STOP="yes"
+
+# If you need to log nftables messages as soon as nftables starts,
+# AND your logger does NOT depend on the network, then you may wish
+# to uncomment the next line.
+# If your logger depends on the network, and you uncomment this line
+# you will create an unresolvable circular dependency during startup.
+# After commenting or uncommenting this line, you must run 'rc-update -u'.
+#rc_use="logger"
author	Eivind Uggedal <eivind@uggedal.com>	2015-09-15 15:42:22 +0000
committer	Eivind Uggedal <eivind@uggedal.com>	2015-09-15 15:48:25 +0000
commit	1ab972294e757a1e38b1123f023e96a94cb409fb (patch)
tree	348debb9b0f043e49c62bfc209b96eab19ef4e15 /main/nftables/nftables.confd
parent	2a866db42b298ebc0b7d3b5640619e9788d4d135 (diff)
download	aports-1ab972294e757a1e38b1123f023e96a94cb409fb.tar.bz2 aports-1ab972294e757a1e38b1123f023e96a94cb409fb.tar.xz