[Firehol-support] Errors when running firehol

Phil Whineray phil at sanewall.org
Wed Jan 28 00:31:34 CET 2015


On Tue, Jan 27, 2015 at 11:22:33PM +0200, Tsaousis, Costa wrote:
> Phil,
> 
> What if we write a 'check' function in firehol that runs a number of
> checks in the system to identify possible issues? We could include a
> check for this kernel option there.
> 
> A user will be able to execute 'firehol check' to run the checks and
> possibly find suggestions to impove his system. The same check could
> be run automatically if the execution stops due to an error.
> 
> There are already a number of checks spread in firehol to detect if
> iptables is enabled in the kernel, if the required kernel modules are
> present, if certain commands are present in the system, etc
> 
> We could have a file like /var/spool/firehol/system.conf with all the
> results of the checks, which is sourced every time firehol runs (this
> will also speed it a bit). If the file is not present, the check()
> function will be run to generate it. If we detect a kernel version
> change since the last time we executed check(), we could call it again
> and so forth.
> 
> Do you agree? Shall I open it in github?
> 
> Costa

Yes, open it. I think this or something similar could be very useful.

Would it speed execution further if the which_cmd only runs for
variable not already set? This sort of information could also be stored.

Phil


More information about the Firehol-support mailing list