There's a closed pull request on the void-packages repository iptables: adjust run scripts for more configuration flexibility https://github.com/void-linux/void-packages/pull/31145 Description: The single configuration file approach that the iptables services provide precludes using it in more complicated buildouts such as ones defined with config management tools. This change takes a hybrid approach of the old method (to preserve backwards compatibility, etc) and the method taken with void-ansible-roles/network. Changes: No longer flush tables prior to loading new data - rely on finish in all cases Load data from /etc/iptables/iptables.rules and all found /etc/iptables.d/\*.rules Ditto ip6 equivalents (ip6rules.rules, ip6tables.d/\*.{,6}rules) Flush nat table in both v4 and v6 mode (nat table supported on v6 since kernel 3.7) Caveats: the ip6tables.d match is overly explicit since dash does not provide brace expansion and there is no particularly clean way to match a single character or empty when expanding globs. @ailiop-git #### General - [ ] This is a new package and it conforms to the [quality requirements](https://github.com/void-linux/void-packages/blob/master/Manual.md#quality-requirements) #### Have the results of the proposed changes been tested? - [x] I use the packages affected by the proposed changes on a regular basis and confirm this PR works for me - [ ] I generally don't use the affected packages but briefly tested this PR #### Does it build and run successfully? (Please choose at least one native build and, if supported, at least one cross build. More are better.) - [x] I built this PR locally for my native architecture, (x86_64) - [ ] I built this PR locally for these architectures (if supported. mark crossbuilds): - [ ] aarch64-musl - [ ] armv7l - [ ] armv6l-musl