Crowdsec-firewall-bouncer doesn't create tables after nftables reload

Hi,

On Debian, after reloading nftables (systemctl reload nftables.service), the crowdsec-firewall-bouncer tables are deleted and are not automatically created unless I restart crowdsec-firewall-bouncer.

Thus, in the logs after the nftables reload I've got these errors: level=error msg="can't collect dropped packets for ipv4 from nft: exit status 1"

Is that expected behavior?

Thank you for your help.


Hi,

Same issue here, does anybody have a workaround for this? Crowdsec-Firewall-Bouncer didn't realize that nftables was restarted and didn't rearrange the tables it needs to work…

Thank you

Copying and pasting my answer from Discord:

[16:18] Loz: You can edit the systemd unit file and add the PartOf attribute, so do systemctl edit crowdsec-firewall-bouncer, then add between the comments:

[Unit]
PartOf=nftables.service
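
The condition reported in this thread (the bouncer's tables missing after the ruleset is reloaded) can also be detected directly from `nft list tables` output. The script below is an added example, not part of the thread and not CrowdSec project code; the table names `crowdsec` and `crowdsec6` are an assumption and must match the bouncer's configuration, and the sample listings are constructed.

```shell
#!/bin/sh
# Added example: detect missing bouncer tables after an nftables reload.
# Assumption: these family:name pairs match the bouncer's nftables config.
EXPECTED_TABLES="ip:crowdsec ip6:crowdsec6"

# missing_tables LISTING
# Prints every expected "family:name" that is absent from LISTING, where
# LISTING is text in the format printed by `nft list tables`.
missing_tables() {
    listing=$1
    missing=""
    for spec in $EXPECTED_TABLES; do
        family=${spec%%:*}
        name=${spec#*:}
        # -x matches the whole line, so "crowdsec" never matches "crowdsec6".
        if ! printf '%s\n' "$listing" | grep -qx "table $family $name"; then
            missing="$missing $spec"
        fi
    done
    # Drop the leading separator before returning the list.
    printf '%s' "${missing# }"
}

# Constructed sample listings (not captured from a real host).
SAMPLE_OK='table inet filter
table ip crowdsec
table ip6 crowdsec6'
SAMPLE_AFTER_RELOAD='table inet filter'

# Only touch the system when called with --run (as root, e.g. from a timer).
if [ "${1:-}" = "--run" ]; then
    gone=$(missing_tables "$(nft list tables)")
    if [ -n "$gone" ]; then
        logger -t bouncer-check "nft tables missing: $gone; restarting bouncer"
        systemctl restart crowdsec-firewall-bouncer
    fi
fi
```

Until the tables are recreated, the bouncer's drop rules are not in the ruleset, so the log entry is worth alerting on as well.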