Re: Reload IPtables

On Mon, 28 Jun 2021 18:35:59 +0200
Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote:

> 
> 
> On 28.06.21 at 15:46, Kerin Millar wrote:
> > On Mon, 28 Jun 2021 14:03:30 +0200
> > Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote:
> > 
> >>>> do what you want but stop talking nonsense when it comes to best practice
> >>>
> >>> One "best practice" that I'd object to is blindly restoring whatever was
> >>> saved on shutdown.  How can one control that?  Booting with some clean,
> >>> well-defined data looks safer
> >>
> >> WTF: there is nothing magically or blindly saved and changed at
> >> shutdown, it's the whole state as it was, the outcome from your script
> > 
> > Not that I can speak on Allesandro's behalf but I'm presuming it's a reference to the save-upon-stop behaviour that may occur as a consequence of the integration performed by certain distro vendors. For example, Gentoo has a SAVE_ON_STOP option that its iptables runscript honours. I'm not sure that I've ever seen it be referred to as a good practice, per se, but some people appreciate having such options at their disposal
> 
> and how do you think should there be something different as you are using?

I can't parse that.

> 
> don't you simply not understand what save/restore does?
> your active ruleset don't fall from heaven

I'm not sure who you are addressing at this point but you can be assured that I am aware of what saving and restoring entails.

> 
> it's not magically changed unless you change something with iptables or 
> your script
> 
> and hell that's why when you changed something and want to reload the 
> last boot state you restore and you are done - that's the topic here

Granted, the thread does seem to have meandered out into the weeds at this point. With that, I'm out.

-- 
Kerin Millar



