Hi, Brian J. Murrell wrote: >> You could keep a small file and reload from that in /etc/shorewall/start. > > Yeah, that's basically what I was describing above. Still it might be > an interesting feature to be able to save and restore the contents of an > action (i.e. a chain) through start/stop/restart, etc.
Why don't you use fail2ban with ipset? ipsets offer better performance over multiple rules. Most distributions are shipping scripts with their ipset packages, which will save/restore created ipsets on shutdown/start. If not, shorewall offers ipset saving/restoring support. -Thomas ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60135991&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
