Autor: Lars Noodén Data: Para: dng Assunto: Re: [DNG] Recommended location for iptables rules
On 12/05/2016 09:59 PM, dev wrote: >
>
> On 12/05/2016 10:50 AM, Lars Noodén wrote:
>> Because iptables-apply is there by default, I'm leaning a bit
>> towards recommending /etc/network/iptables.up.rules as the
>> location over /etc/iptables/rules.v4
>
>
> Do you still need to consider some users may need ip6tables rules
> also?
Yes. However, it seems to be established practice that IPv6 rules more
or less mirror the IPv4 rules. So it seems to be less pressing than
where to put the iptables rules in general.
> Perhaps /etc/iptables/rules.v4 and /etc/iptables/rules.v6 make
> the most sense.
What do you see as the advantage? I'm interested in hearing the
rational for either /etc/iptables/ or /etc/network/ since iptables-apply
and iptables-persistent are conflicting and unlikely to be resolved
upstream in the immediate future.