Re: Reload IPtables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





Am 28.06.21 um 19:35 schrieb Alessandro Vesely:
On Mon 28/Jun/2021 14:03:30 +0200 Reindl Harald wrote:
Am 28.06.21 um 13:47 schrieb Alessandro Vesely:
On Mon 28/Jun/2021 12:17:11 +0200 Reindl Harald wrote:
Am 28.06.21 um 11:23 schrieb Alessandro Vesely:

do what you want but stop talking nonsense when it comes to best practice

One "best practice" that I'd object to is blindly restoring whatever was saved on shutdown.  How can one control that?  Booting with some clean, well-defined data looks safer

WTF: there is nothing magically or blindly saved and changed at shutdown, it's the whole state as it was, the outcome from your script

do you guys not realize that your shellscripts are fine as mine are but at the end the iptables ruleset has a defined state which want you have restored 1:1 at boot

If the defined state is the result of a shell script, re-running the same shell script should result in the same state.  Restoring from the last-saved state may be faster/ cooler, but roughly equivalent

* it's faster
* it's atomic
* it has less dependencies
* it has less involved software
* it has less chances of breaking bugs

it's not about "cool" but acting with a brain and following the unix way: one tool for one job

give me *one* vaild reason to waste ressources other than "everybody does, that's why machines 10000 times faster than 30 years ago are in many cases as slow because we waste ressources when they are available"

only the idea doing "roughly equivalent" but way slower when it costs you *one line* do do it fast, clean and atomic should get you fired whereever you work

but argue about it is braindead



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux