![]() Using ipset with iptables has a subtelty: all sets should be defined before loading iptables rules that reffer to them.Īlso, you can not destroy a set used by iptables rule, and you can not create a set with the same name as used one. iptables-persistent - if you are capable of writing firewall rules without crutches. ![]() ufw - I don’t like it, but it is default.There are two most popular solutions for managing firewall in Ubuntu/Debian: Apparently, everybody who uses them have to create custom shell scripts for this task. Thanks to could not find any standard solution for saving ipset rules together with iptables. Thanks to : Added -exist option, allowing correct service restart when ip sets are already in use by iptables. UPDATE : Removed unnecessary DefaultDependencies=no line, that prevented ExecStop commands from running on shutdown/reboot. UPDATE : Added optional saving of changed ipset sets on service stop.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |