Re: Bug? iptables-save dumps resolved uids/gids for owner matches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Monday 2010-12-06 14:38, Ferenc Wagner wrote:
>
>>> This is indeed true if you only use a local passwd and group database.
>>
>> (Is your LDAP _that_ slow?)
>
>It's dog slow until the network is brought up...  But maybe there's some
>misunderstanding here.  My problem isn't slowness, it's the fundamental
>impossibility of resolving the user names to numbers before the network
>is up.

If the network is not up, the potential connections to the database
immediately terminate with "No route to host".

>And that's the very time to install firewall rules, isn't it?

Yes indeed.

>> The change is now in git://dev.medozas.de/iptables .
>
>How cool!  So you decided to change the default behaviour after all!

I just like to light up more corners before making decisions.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux