[Firehol-support] [ANNOUNCE] FireHOL 2.0.0-rc.1 released

Jerome BENOIT g6299304p at rezozer.net
Mon Sep 22 23:20:11 BST 2014


Hello Chris,

On 22/09/14 23:55, Chris Francy wrote:
> On Thu, Sep 18, 2014 at 1:57 PM, Jerome BENOIT <g6299304p at rezozer.net> wrote:
> 
>> I did the move because I realised that it was an illusion to keep firehol
>> in /sbin given that the firehol script uses a large amount of utilities
>> that are in /usr/bin to /usr/sbin
> 
> I actually looked at the script and you are completely right.  It
> seems like more than half of the of the external binaries used are
> under `/usr/(bin|sbin)` on my wheezy host.  Since that is the case the
> move makes sense.

As second thought, I think that I took the laziest way
in the sense that the set of used tools can certainly be reduced,
and hopefully reduced to a set of /sbin or /bin members only.
This might be a demanding work.
This is in fact one possibility.

An other one would be to keep the generated iptable and load it
at boot time instead of generating it at each boot time.
This a feature that can be added to FireHOL.

Best wishes,
Jerome

> 
> Chris
> _______________________________________________
> Firehol-support mailing list
> Firehol-support at lists.firehol.org
> http://lists.firehol.org/mailman/listinfo/firehol-support
> 



More information about the Firehol-support mailing list