Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
715693b93d
core-agent-linux/vm-systemd/qubes-firewall.service
Marek Marczykowski-Górecki 3fb258db47
network: order qubes-firewall service before enabling IP forwarding 
Start qubes-firewall (which will add "DROP by default" rule) before
enabling IP forwarding, to not leave a time slot where some connection
could go around configured firewall.

QubesOS/qubes-issues#3269
2017-11-20 02:42:39 +01:00

12 lines
242 B
Desktop File
Raw Blame History

[Unit]
Description=Qubes firewall updater
ConditionPathExists=/var/run/qubes-service/qubes-firewall
After=qubes-iptables.service
Before=qubes-network.service
[Service]
ExecStart=/usr/sbin/qubes-firewall
[Install]
WantedBy=multi-user.target
Reference in New Issue View Git Blame Copy Permalink