I changed this:
-Before=network.target
+Before=network-pre.target
+Wants=network-pre.target
and get following:
Jul 23 09:40:53 us-proxy1 ufw-init[424]: ip6tables-restore: line 4 failed
Jul 23 09:40:53 us-proxy1 systemd[1]: ufw.service: Main process exited, code=exited, status=1/FAILURE
Jul 23 09:40:53 us-proxy1 systemd[1]: ufw.service: Failed with result 'exit-code'.
Jul 23 09:40:53 us-proxy1 systemd[1]: Failed to start Uncomplicated firewall.
When I look at /lib/ufw/ufw-init-functions:
147 printf "*filter\n"\
148 ":INPUT DROP [0:0]\n"\
149 ":FORWARD DROP [0:0]\n"\
150 ":OUTPUT DROP [0:0]\n"\
151 "-A INPUT -i lo -j ACCEPT\n"\
152 "-A OUTPUT -o lo -j ACCEPT\n"\
153 "COMMIT\n" | ip6tables-restore || error="yes"
This might be realted to loopback interface not beeing configured ? So ufw starts too early ?
I changed this: network. target network- pre.target network- pre.target
-Before=
+Before=
+Wants=
and get following:
Jul 23 09:40:53 us-proxy1 ufw-init[424]: ip6tables-restore: line 4 failed
Jul 23 09:40:53 us-proxy1 systemd[1]: ufw.service: Main process exited, code=exited, status=1/FAILURE
Jul 23 09:40:53 us-proxy1 systemd[1]: ufw.service: Failed with result 'exit-code'.
Jul 23 09:40:53 us-proxy1 systemd[1]: Failed to start Uncomplicated firewall.
When I look at /lib/ufw/ ufw-init- functions:
147 printf "*filter\n"\
148 ":INPUT DROP [0:0]\n"\
149 ":FORWARD DROP [0:0]\n"\
150 ":OUTPUT DROP [0:0]\n"\
151 "-A INPUT -i lo -j ACCEPT\n"\
152 "-A OUTPUT -o lo -j ACCEPT\n"\
153 "COMMIT\n" | ip6tables-restore || error="yes"
This might be realted to loopback interface not beeing configured ? So ufw starts too early ?