:: Re: [DNG] Recommended location for …
Top Page
Delete this message
Reply to this message
Author: Lars Noodén
Date:  
To: dng
Subject: Re: [DNG] Recommended location for iptables rules
On 12/06/2016 12:14 AM, KatolaZ wrote:
> ...
> The old Debian standard used to be /var/lib/iptables/, and I
> don't know when this behaviour changed (especially because I never
> changed it, despite the choices made by DDs). ...


Thanks. That seems to fit with hier(7) too. So I will go with that.

The recent Debian documentation also contributed to the confusion.  e.g.
    https://wiki.debian.org/iptables
    https://wiki.debian.org/DebianFirewall


Along those lines, should we recommend that iptables rules be loaded via
init or via some script in /etc/network/if-pre-up.d/ connected to the
interface? I realize /etc/ has to be on the same file system as / but
it seems awkward to have executables there anyway.

Regards
Lars