From: Martin Vaeth <vaeth@mathematik.uni-wuerzburg.de>
To: gentoo-user@lists.gentoo.org
Subject: [gentoo-user] Re: Where to put advanced routing configuration?
Date: Fri, 11 Oct 2013 07:18:35 +0000 (UTC) [thread overview]
Message-ID: <slrnl5f9ik.or9.vaeth@lounge.imp.fu-berlin.de> (raw)
In-Reply-To: 524F39F6.4040409@orlitzky.com
Michael Orlitzky <michael@orlitzky.com> wrote:
>
> And my counterarguments:
>
> 1. The iptables-restore syntax is uglier and harder to read.
>
> 2. You get better error reporting calling iptables repeatedly.
>
> 3. The published interface will never change; iptables-restore reads an
> input language whose specification is "whatever iptables-save outputs."
>
> 4. A bash script is far more standard and less confusing to your coworkers.
>
> 5. You can't script iptables-restore!
Well, actually you can script iptables-restore.
In fact, you can write a function "ip4tables" which emulates the
behaviour of ip4tables by storing data in variables which are then
later passed to iptables-restore, and so the user sees almost no
difference although race conditions are avoided.
However, 3. is a severe problem for such complex functions.
There should be an official way how to avoid races,
e.g. if ip4tables itself would be able to successively extend
an output file which can then be used for iptables-restore.
If you have contact to the iptables developers, please suggest
such a thing. Or maybe somebody has a bette idea?
next prev parent reply other threads:[~2013-10-11 7:19 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-10-03 19:27 [gentoo-user] Where to put advanced routing configuration? Grant Edwards
2013-10-03 20:28 ` Kerin Millar
2013-10-04 16:25 ` [gentoo-user] " Grant Edwards
2013-10-04 21:58 ` [gentoo-user] " Michael Orlitzky
2013-10-04 22:33 ` Dragostin Yanev
2013-10-11 7:18 ` Martin Vaeth [this message]
2013-10-13 10:08 ` [gentoo-user] scripted iptables-restore (was: Where to put advanced routing configuration?) Martin Vaeth
2013-10-13 14:14 ` [gentoo-user] scripted iptables-restore Michael Orlitzky
2013-10-13 15:19 ` [gentoo-user] " Martin Vaeth
2013-10-13 16:37 ` Michael Orlitzky
2013-10-13 20:07 ` Martin Vaeth
2013-10-13 21:45 ` William Kenworthy
2013-10-14 12:08 ` Martin Vaeth
2013-10-14 13:27 ` William Kenworthy
2013-10-13 22:02 ` Michael Orlitzky
2013-10-14 11:49 ` Martin Vaeth
2013-10-14 14:26 ` Michael Orlitzky
2013-10-14 18:49 ` Martin Vaeth
2013-10-14 19:17 ` Michael Orlitzky
2013-10-14 20:31 ` Alan McKinnon
2013-10-15 1:06 ` Michael Orlitzky
2013-10-14 18:23 ` Tanstaafl
2013-10-14 18:52 ` Martin Vaeth
2013-10-14 19:40 ` Tanstaafl
2013-10-14 20:45 ` Alan McKinnon
2013-10-16 23:21 ` Walter Dnes
2013-10-17 6:59 ` Alan McKinnon
2013-10-18 2:30 ` Walter Dnes
2013-10-18 4:44 ` Alan McKinnon
2013-10-18 10:23 ` Tanstaafl
2013-10-18 11:19 ` Alan McKinnon
2013-10-18 14:05 ` Tanstaafl
2013-10-18 14:33 ` Alan McKinnon
2013-10-14 5:54 ` [gentoo-user] " Pandu Poluan
2013-10-14 5:57 ` [gentoo-user] scripted iptables-restore (was: Where to put advanced routing configuration?) Pandu Poluan
2013-10-14 11:52 ` [gentoo-user] " Martin Vaeth
2013-10-13 10:26 ` [gentoo-user] Where to put advanced routing configuration? shawn wilson
2013-10-13 13:53 ` Michael Orlitzky
2013-10-13 13:57 ` [gentoo-user] " Martin Vaeth
2013-10-05 21:01 ` [gentoo-user] " thegeezer
2013-10-06 16:16 ` [gentoo-user] " Grant Edwards
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=slrnl5f9ik.or9.vaeth@lounge.imp.fu-berlin.de \
--to=vaeth@mathematik.uni-wuerzburg.de \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox