[CLUG] IP Tables Front End Project
Peter Flynn
peter at silmaril.ie
Mon Feb 21 23:01:41 GMT 2005
On Mon, 2005-02-21 at 22:35, adam beecher wrote:
> > I'm away Friday but have fun.
> >
> Friday /week/. Just in case you misread.
I did. Cool, thanks.
> > And BTW _how_ many records are you putting into this database?
> >
> Can't see there being more than a couple/few dozen in the rules table(s).
> The services table will have a few hundred rows, but that's nothing in RDBMS
> terms; and the log table will obviously have lots, but that's really only
> for debugging.
>
> The alternatives are:
>
> a) store them in the filesystem, which creates permissions issues;
I've obviously misunderstood: is the data secret, or do we just
not want it editable? Permissions are usually much more easily
fixed than database tables.
> b) write the iptables shell script, which requires complex parsers;
I've also been assuming that this gizmo *will* [be able to] write
an iptables shell script, so that the final settings can be
exported for replication on dozens of machines...
> c) talk directly to iptables, which would be kinda dodgy imho.
iptables only speaks Klingon anyway.
> I'm open to suggestion though, simpler the better as far as I'm concerned.
I'm easy...so long as it works :-)
///Peter
More information about the Cork
mailing list