On 2012-02-15, Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote: > thats right, but if you have any error in your rules you get > a problem because in the worst no firewall at all is active > > dooing it with a shell-script results only in failing one > rule with a error-message and apply the other ones, timing > is usually not the problem if you don't have thousands of rules > > iptables-restore format has transaction system for this purpose. You can create atomic updates consisting of more rules. This is even superior to iptables command. -- Petr -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
