New comment by ailiop-git on void-packages repository https://github.com/void-linux/void-packages/pull/31145#issuecomment-850267277 Comment: > > The variable should probably be named 'fragment' and in general I think there's also a case here in the fragment case that isn't being checked, which is that if iptables-restore fails for any fragment that should abort the load. > > `iptables-restore file || exit 1` should do just that (unless I misunderstood something). We probably also need to flush everything in case a fragment fails, since it may leave the ruleset in an undesirable state, and also subsequent sv starts/restores will end up duplicating ruleset entries.