diff options
| author | Jakub Jirutka <jakub@jirutka.cz> | 2018-04-01 17:59:21 +0200 |
|---|---|---|
| committer | Jakub Jirutka <jakub@jirutka.cz> | 2018-04-01 19:03:36 +0200 |
| commit | 1ad0a892bd0a2ed6f3cb0b6e4c872439fb37e394 (patch) | |
| tree | 8a1be86e44ef300bbab83d6c9b297a711653eb36 /main/nftables/nftables.initd | |
| parent | 2221432434ddd269048e71a34cda6ebafbddcc9c (diff) | |
| download | aports-1ad0a892bd0a2ed6f3cb0b6e4c872439fb37e394.tar.bz2 aports-1ad0a892bd0a2ed6f3cb0b6e4c872439fb37e394.tar.xz | |
main/nftables: change default save location to /etc/firewall.nft
This is a configuration and so should be stored in /etc. Also nftables
format is very well suited for hand-written firewall configuration, not
just for dumping current rules managed manually by ntf tool or generated
by some shell script.
However, to be consistent with iptables package, I kept save_on_stop
enabled by default.
Diffstat (limited to 'main/nftables/nftables.initd')
| -rw-r--r-- | main/nftables/nftables.initd | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/main/nftables/nftables.initd b/main/nftables/nftables.initd index 56d31c3bba..13b2bc70fd 100644 --- a/main/nftables/nftables.initd +++ b/main/nftables/nftables.initd @@ -13,7 +13,7 @@ description_panic="Immediately drop all packets on all interfaces." description_reload="Clear current rulesets and load rulesets from the saved ruleset files." # Uppercase variables are there for backward compatibility. -: ${rules_file:=${NFTABLES_SAVE:="/var/lib/nftables/rules-save"}} +: ${rules_file:=${NFTABLES_SAVE:="/etc/firewall.nft"}} : ${save_options:=${SAVE_OPTIONS:="-n"}} : ${save_on_stop:=${SAVE_ON_STOP:="yes"}} : ${enable_forwarding:="no"} |