iptables and combining additional rule sources

Valdis Kl=?utf-8?Q?=c4=93?=tnieks valdis.kletnieks at vt.edu
Sat Apr 25 12:53:19 EDT 2020


On Sat, 25 Apr 2020 02:55:08 -0400, Jeffrey Walton said:

> One last question... Should I create my own target - say mediawiki -
> and append my rules to it? That may simplify things:
>
> * Header, newstuff and trailer is fixed
> * newstuff just jumps to mediawiki target
> * if mediawiki does not ban, then control returns to trailer
>
> Then, my out-of-proc service just keeps adding to mediawiki target. I
> don't need to write files in this case. I'll just keep adding to the
> running config.

That totally fails if your machine reboots, because there's no memory of
what the rules were before the reboot.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20200425/7c00f7ad/attachment.sig>


More information about the Kernelnewbies mailing list