Hey. Not really sure whether these changes here makes things so much better:
1) It's still al just Wants, no Requires... i.e. if netfilter rules loading fails for whichever reason, the boot process will continue just normally, with networking and any daemons, that possibly require netfilter for their security, being brought up. 2) Some daemons might actually improperly start even before network.target or network-pre.target... while this is certainly bad, it likely happens in the realworld... so a dependency (or at least a Wants) on something much earlier would be useful... e.g. sysinit.target, which I use for that. 3) I don't quite understand the benefit of: Conflicts=shutdown.target Before=shutdown.target Doesn't this actually open a possible window int which daemons may still run but netfilter-persistent is going to be stopped and thus rules might be removed? Chris.
smime.p7s
Description: S/MIME cryptographic signature
