Re: How do packages that modify iptables rules prevent race conditions?

2015-11-12 Thread Pascal Hambourg
Patrick Schleizer wrote:
> as I just learned on the mailing list, that at least the packages
> fail2ban and miniupnpd [and most likely arno-iptables-firewall also]
> modify iptables rules...

Firewall managers such as ufw, shorewall, firestarter... Custom iptables scripts. IDS such as

Re: How do packages that modify iptables rules prevent race conditions?

2015-11-12 Thread Erwan David
On 12/11/2015 20:47, Pascal Hambourg wrote:
> Patrick Schleizer wrote:
>> as I just learned on the mailing list, that at least the packages
>> fail2ban and miniupnpd [and most likely arno-iptables-firewall also]
>> modify iptables rules...
> Firewall managers such as ufw, shorewall,

Re: How do packages that modify iptables rules prevent race conditions?

2015-11-12 Thread John Hasler
Patrick Schleizer writes:
> I.e. two packages trying to add iptables rules at the same time and
> thereby failing to do so?

They can't do that as each call to iptables locks the table being operated on. Without -w iptables exits when it can't get the lock. With -w it waits.

Pascal Hambourg

Are there packages that modify iptables rules?

2015-11-12 Thread Patrick Schleizer
Hi, are there packages that modify the system's iptables rules? Cheers, Patrick

Re: Are there packages that modify iptables rules?

2015-11-12 Thread Sven Hartge
Patrick Schleizer wrote:
> are there packages that modify the system's iptables rules?

fail2ban
miniupnpd

Regards,
Sven.

-- 
Sigmentation fault. Core dumped.

How do packages that modify iptables rules prevent race conditions?

2015-11-12 Thread Patrick Schleizer
Hi, as I just learned on the mailing list, that at least the packages fail2ban and miniupnpd [and most likely arno-iptables-firewall also] modify iptables rules... Is there a chance for race conditions? I.e. two packages trying to add iptables rules at the same time and thereby failing to do so?

Re: How do packages that modify iptables rules prevent race conditions?

2015-11-12 Thread John Hasler
I think that the best solution would be for the script to construct a single iptables command string and then run it. -- John Hasler jhas...@newsguy.com Elmwood, WI USA

Re: How do packages that modify iptables rules prevent race conditions?

2015-11-12 Thread Sven Hartge
Patrick Schleizer wrote:
> as I just learned on the mailing list, that at least the packages
> fail2ban and miniupnpd [and most likely arno-iptables-firewall also]
> modify iptables rules...
> Is there a chance for race conditions? I.e. two packages trying to