[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#32465] Add iptables service

From: Ludovic Courtès
Subject: [bug#32465] Add iptables service
Date: Mon, 10 Sep 2018 14:51:58 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)


Arun Isaac <address@hidden> skribis:

>> it's not directly an answer to arun's patch (it is great), but I 
>> recently came accross firemason 
>> ( and 
>> and I thought we could 
>> implement something similar.
> This sounds interesting. I'll read about it, and if I can, try to
> implement something similar for Guix.

Agreed, it looks nice.

>> Of course, we should provide a mechanism to load files as a fallback, in 
>> which case additional rules from services should be ignored.
> Yes, I think this iptables service should exist independently as a
> fallback. So, I'll finish and push these services before studying
> firemason.

The nice thing is that we could detect conflicting iptables rules
statically if we wanted to: ‘guix system reconfigure’ would proceed if
and only if there are no conflicting rules.  I don’t know how difficult
and how annoying that could be, but it might be worth considering (as
future work…).


reply via email to

[Prev in Thread] Current Thread [Next in Thread]