[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#32465] Add iptables service
|
From: |
Ludovic Courtès |
|
Subject: |
[bug#32465] Add iptables service |
|
Date: |
Mon, 10 Sep 2018 14:51:58 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) |
Hello,
Arun Isaac <address@hidden> skribis:
>> it's not directly an answer to arun's patch (it is great), but I
>> recently came accross firemason
>> (http://www.cs.yale.edu/homes/zhai-ennan/firemason.pdf and
>> https://github.com/BillHallahan/FireMason) and I thought we could
>> implement something similar.
>
> This sounds interesting. I'll read about it, and if I can, try to
> implement something similar for Guix.
Agreed, it looks nice.
>> Of course, we should provide a mechanism to load files as a fallback, in
>> which case additional rules from services should be ignored.
>
> Yes, I think this iptables service should exist independently as a
> fallback. So, I'll finish and push these services before studying
> firemason.
The nice thing is that we could detect conflicting iptables rules
statically if we wanted to: ‘guix system reconfigure’ would proceed if
and only if there are no conflicting rules. I don’t know how difficult
and how annoying that could be, but it might be worth considering (as
future work…).
Thanks,
Ludo’.
- [bug#32465] Add iptables service, Ludovic Courtès, 2018/09/04
- [bug#32465] Add iptables service, Julien Lepiller, 2018/09/04
- [bug#32465] Add iptables service, Arun Isaac, 2018/09/05
- [bug#32465] Add iptables service, Arun Isaac, 2018/09/14
- [bug#32465] Add iptables service, Ludovic Courtès, 2018/09/17
- [bug#32465] Add iptables service, Arun Isaac, 2018/09/18
- [bug#32465] Add iptables service, Ludovic Courtès, 2018/09/18
- [bug#32465] Add iptables service, Arun Isaac, 2018/09/18
- [bug#32465] Add iptables service, Ludovic Courtès, 2018/09/19
- bug#32465: Add iptables service, Arun Isaac, 2018/09/20