On 10 November 2015 at 09:19, wanglihe <wanglihe.program...@gmail.com> wrote: > Package: nftables > Version: 0.5-1~bpo8+1 > Severity: normal > > Dear Maintainer, > > When I ran command "systemctl enable nftables", it gave wrong message: > > Synchronizing state for nftables.service with sysvinit using > update-rc.d... > Executing /usr/sbin/update-rc.d nftables defaults > Executing /usr/sbin/update-rc.d nftables enable > update-rc.d: error: nftables Default-Start contains no runlevels, > aborting. > > It seems that you put run level after Default-stop, but it should put > after Default-start, in the file /etc/init.d/nftables.
If you are running systemd, you can forget about this sysvinit stuff. Please note that despite of these messages, * 'systemctl enable nftables' does enable the service * 'systemctl disable nftables' does disable the service (you may check with 'systemctl status nftables') The error messages is because the sysvinit-systemd compat stuff, which tries to sync systemd/sysvinit services so you may change between init systems smoothly. The sysvinit init script is shipped absolutely disabled, you have to manually edit the file to use it. > > When this bug fixed, maybe you should give tips about firewall rules, or > just leave "flush ruleset" in /etc/nftables.conf, I think everything > should not change after installation, not "connect refuse". > > The new nftables.conf need add one more line code about include files under > /etc/nftables/ . > Could you please elaborate a bit more? What is your use case? Are you complaining about the shipped /etc/nftables.conf file? I fail to understand what is wrong here. thanks, best regards -- Arturo Borrero González
