22 lines
634 B
Django/Jinja
22 lines
634 B
Django/Jinja
# {{ ansible_managed }}
|
|
# Based on the default Debian 12 `/lib/systemd/system/nftables.service`
|
|
[Unit]
|
|
Description=nftables SCE port mapping rules
|
|
Wants=network-pre.target
|
|
Before=network-pre.target shutdown.target
|
|
Conflicts=shutdown.target
|
|
After=nftables.service
|
|
DefaultDependencies=no
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
RemainAfterExit=yes
|
|
StandardInput=null
|
|
ProtectSystem=full
|
|
ProtectHome=true
|
|
ExecStart=/usr/sbin/nft -f /etc/{{ firewall_nft_table_filename }}.conf
|
|
ExecReload=/usr/sbin/nft -f /etc/{{ firewall_nft_table_filename }}.conf
|
|
ExecStop=/usr/sbin/nft delete table inet {{ firewall_nft_table_name }}
|
|
|
|
[Install]
|
|
WantedBy=sysinit.target
|