[Firehol-support] Errors when running firehol
Phil Whineray
phil at sanewall.org
Tue Jan 27 23:31:34 GMT 2015
On Tue, Jan 27, 2015 at 11:22:33PM +0200, Tsaousis, Costa wrote:
> Phil,
>
> What if we write a 'check' function in firehol that runs a number of
> checks in the system to identify possible issues? We could include a
> check for this kernel option there.
>
> A user will be able to execute 'firehol check' to run the checks and
> possibly find suggestions to impove his system. The same check could
> be run automatically if the execution stops due to an error.
>
> There are already a number of checks spread in firehol to detect if
> iptables is enabled in the kernel, if the required kernel modules are
> present, if certain commands are present in the system, etc
>
> We could have a file like /var/spool/firehol/system.conf with all the
> results of the checks, which is sourced every time firehol runs (this
> will also speed it a bit). If the file is not present, the check()
> function will be run to generate it. If we detect a kernel version
> change since the last time we executed check(), we could call it again
> and so forth.
>
> Do you agree? Shall I open it in github?
>
> Costa
Yes, open it. I think this or something similar could be very useful.
Would it speed execution further if the which_cmd only runs for
variable not already set? This sort of information could also be stored.
Phil
More information about the Firehol-support
mailing list