brooklyn-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (BROOKLYN-36) IptablesCommands.saveIptablesRules doesn't work as expected
Date Fri, 11 Jul 2014 07:48:04 GMT

    [ https://issues.apache.org/jira/browse/BROOKLYN-36?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14058522#comment-14058522
] 

ASF GitHub Bot commented on BROOKLYN-36:
----------------------------------------

Github user andreaturli commented on a diff in the pull request:

    https://github.com/apache/incubator-brooklyn/pull/62#discussion_r14809842
  
    --- Diff: utils/common/src/main/java/brooklyn/util/ssh/IptablesCommands.java ---
    @@ -93,7 +93,7 @@ public static String iptablesServiceStatus() {
          */
         public static String saveIptablesRules() {
             return BashCommands.alternatives(
    -                BashCommands.ifExecutableElse1("iptables-save", sudo("iptables-save")),
    +                BashCommands.ifExecutableElse1("apt-get", BashCommands.installPackage("iptables-persistent")),
    --- End diff --
    
    Thanks @ahgittin for your comments.
    
    My idea is slightly different: I wanted to make the `saveIptablesRules` more portable
across distros.
    For rhel/centos the suggested way is to use `service iptables save` while for debian/ubuntu
it is available a package called `iptables-persistent` which install a service on the box
that save the iptables rules any time they change, afaik.
    
    Instead `iptables-save` seems misused here as it is generally useful when you want to
export iptables rules to a file using i.e.: `iptables-save > /etc/sysconfig/iptables` and
then `iptables-restore < /etc/sysconfig/iptables` but this doesn't look helpful here. wdyt?


> IptablesCommands.saveIptablesRules doesn't work as expected
> -----------------------------------------------------------
>
>                 Key: BROOKLYN-36
>                 URL: https://issues.apache.org/jira/browse/BROOKLYN-36
>             Project: Brooklyn
>          Issue Type: Bug
>            Reporter: Andrea Turli
>            Assignee: Andrea Turli
>            Priority: Minor
>             Fix For: 0.7.0-SNAPSHOT
>
>
> This needs to be revisited as the behavior is not as described at http://www.thomas-krenn.com/en/wiki/Saving_Iptables_Firewall_Rules_Permanently,
for example



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message