Eric Garver

> If cloud-init wants to provide configuration for networking management services (like NetworkManager, systemd-networkd, ifupdown, you name it), I assume it has eplicit support for any of those services and...

> firewalld considers using DefaultDependencies=no I don't fully understand the implications of this. I'm just worried about breaking something else, i.e. a different ordering issue. :/

> This issue forced me, unfortunately, to stop using firewalld :( Could you try using `DefaultDependencies=no` in the firewalld service as indicated by @mbiebl above?

> Unfortunately, using DefaultDependencies=no won't be easy > > See https://lists.freedesktop.org/archives/systemd-devel/2022-March/047538.html Thanks for discussing it with the systemd folks. Sounds like it's possible, but difficult and would require functional code...

> My unit file (based on Fedora's one) from [the initial post](https://github.com/firewalld/firewalld/issues/414#issue-374459890) in `/etc/systemd/system` should allow it to work... I think this is the best option. Drop: ``` Before=network-pre.target Wants=network-pre.target...

Although, I wonder about things that talk to firewalld: NetworkManager, podman, libvirt.

@mbiebl, any thoughts on my previous 2 comments?

This is deliberate since 2937d89d959b ("ipset: only use "-exist" on restore"). Furthermore, newer firewalld disallows overlapping entries since 5b4e8918715a ("fix(ipset): disallow overlapping entries"). This addresses the inconsistent behavior between the...

> Firewalld Version > 0.9.3 You're using an old version of firewalld. commit 5b4e8918715a1d2e4abf77ed4eb3252486a19109 is v1.0.0 and later.

> I see, is there an option to silently ignore the error? No.