|author||Joey Hess||2019-07-19 10:19:48 -0400|
|committer||Joey Hess||2019-07-19 10:19:48 -0400|
Diffstat (limited to 'doc')
1 files changed, 21 insertions, 0 deletions
diff --git a/doc/forum/How_to_make_P.Property.Firewall.rule_persistent/comment_2_bd74fdd792309a70d7de5f5198cf1092._comment b/doc/forum/How_to_make_P.Property.Firewall.rule_persistent/comment_2_bd74fdd792309a70d7de5f5198cf1092._comment
new file mode 100644
@@ -0,0 +1,21 @@
+ subject="""comment 2"""
+Funny, I never considered that the Firewall properties don't do anything
+I don't think we want to get propellor involved in booting the system,
+Using iptables-save seems to have a problem: If there are other iptables
+rules that were not set by this run of propellor, it will save those
+as well. So it could save rules that were set up by something else that was
+intended to be temporary, or perhaps rules that were set by a earlier
+propellor config and that then got deleted out of the propellor config.
+Another way to do it could be to have Firewall.rule add its configuration
+to Info and then Firewall.save could see the collected Info from all
+the rules and use it to generate the boot script itself.