| Summary: | split iptables rules-save | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Sergio Bevilacqua <sergio.bevilacqua> |
| Component: | Vulnerabilities | Assignee: | Gentoo's Team for Core System packages <base-system> |
| Status: | RESOLVED WORKSFORME | ||
| Severity: | enhancement | CC: | sergio.bevilacqua |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
hardcoding the chains is ugly post a patch to dynamically save/restore all the chains and we can talk |
i suggest to split iptables rules-save in four separate rulesets: one for every chain. /var/lib/iptables/sules-save -> /var/lib/iptables/{filter,mangle,nat,raw} this can simplify the maintenance on wide firewalls