From: Reindl Harald <h.reindl@thelounge.net>
To: Alessandro Vesely <vesely@tana.it>, netfilter@vger.kernel.org
Subject: Re: Reload IPtables
Date: Mon, 28 Jun 2021 20:15:10 +0200 [thread overview]
Message-ID: <6c11cb87-6d80-8304-8f3f-59026ac8b682@thelounge.net> (raw)
In-Reply-To: <34c23c2d-1646-8ddf-b88c-92374cc7d51b@tana.it>
Am 28.06.21 um 19:35 schrieb Alessandro Vesely:
> On Mon 28/Jun/2021 14:03:30 +0200 Reindl Harald wrote:
>> Am 28.06.21 um 13:47 schrieb Alessandro Vesely:
>>> On Mon 28/Jun/2021 12:17:11 +0200 Reindl Harald wrote:
>>>> Am 28.06.21 um 11:23 schrieb Alessandro Vesely:
>>
>>>> do what you want but stop talking nonsense when it comes to best
>>>> practice
>>>
>>> One "best practice" that I'd object to is blindly restoring whatever
>>> was saved on shutdown. How can one control that? Booting with some
>>> clean, well-defined data looks safer
>>
>> WTF: there is nothing magically or blindly saved and changed at
>> shutdown, it's the whole state as it was, the outcome from your script
>>
>> do you guys not realize that your shellscripts are fine as mine are
>> but at the end the iptables ruleset has a defined state which want you
>> have restored 1:1 at boot
>
> If the defined state is the result of a shell script, re-running the
> same shell script should result in the same state. Restoring from the
> last-saved state may be faster/ cooler, but roughly equivalent
* it's faster
* it's atomic
* it has less dependencies
* it has less involved software
* it has less chances of breaking bugs
it's not about "cool" but acting with a brain and following the unix
way: one tool for one job
give me *one* vaild reason to waste ressources other than "everybody
does, that's why machines 10000 times faster than 30 years ago are in
many cases as slow because we waste ressources when they are available"
only the idea doing "roughly equivalent" but way slower when it costs
you *one line* do do it fast, clean and atomic should get you fired
whereever you work
but argue about it is braindead
next prev parent reply other threads:[~2021-06-28 18:15 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <08f069e3-914f-204a-dfd6-a56271ec1e55.ref@att.net>
2021-06-25 19:24 ` Reload IPtables slow_speed
2021-06-25 20:51 ` David Hajes
2021-06-25 21:30 ` slow_speed
2021-06-25 22:20 ` Stephen Satchell
[not found] ` <cd80bdd2-7816-f27f-d3fe-5042d213700e@satchell.net>
2021-06-25 22:37 ` slow_speed
2021-06-25 23:43 ` Reindl Harald
2021-06-25 23:47 ` slow_speed
2021-06-25 23:52 ` Reindl Harald
2021-06-26 7:19 ` David Hajes
2021-06-26 10:13 ` Reindl Harald
2021-06-26 10:27 ` David Hajes
2021-06-26 10:43 ` Reindl Harald
2021-06-26 10:54 ` David Hajes
2021-06-28 7:32 ` Alessandro Vesely, Alessandro Vesely
2021-06-28 7:46 ` Reindl Harald
2021-06-28 9:23 ` Alessandro Vesely, Alessandro Vesely
2021-06-28 9:43 ` Kerin Millar
2021-06-29 2:02 ` Neal P. Murphy
2021-06-29 2:02 ` Neal P. Murphy
[not found] ` <20210629083652.GA10896@salvia>
2021-06-29 8:37 ` Pablo Neira Ayuso
2021-07-01 1:49 ` Neal P. Murphy
2021-07-01 1:49 ` Neal P. Murphy
2021-06-29 9:10 ` Kerin Millar
2021-06-29 14:52 ` slow_speed
2021-06-29 15:18 ` Reindl Harald
2021-06-29 16:50 ` slow_speed
2021-07-01 2:31 ` Neal P. Murphy
2021-06-28 10:17 ` Reindl Harald
2021-06-28 11:47 ` Alessandro Vesely, Alessandro Vesely
2021-06-28 12:03 ` Reindl Harald
2021-06-28 13:46 ` Kerin Millar
2021-06-28 16:35 ` Reindl Harald
2021-06-28 17:10 ` Kerin Millar
2021-06-28 17:16 ` Reindl Harald
2021-06-28 17:35 ` Alessandro Vesely, Alessandro Vesely
2021-06-28 18:15 ` Reindl Harald [this message]
2021-06-28 13:36 ` Stephen Satchell
2021-06-27 14:56 ` slow_speed
2021-06-27 15:46 ` G.W. Haywood
2021-06-27 18:29 ` Stephen Satchell
2021-06-27 18:11 ` Kerin Millar
2021-06-27 18:32 ` slow_speed
2021-06-27 18:57 ` Reindl Harald
2021-06-27 20:57 ` slow_speed
2021-06-27 21:33 ` Reindl Harald
2021-06-27 19:07 ` Kerin Millar
2021-06-27 19:10 ` Kerin Millar
2021-06-27 19:56 ` Stephen Satchell
2021-06-27 20:12 ` Kerin Millar
2021-06-27 20:20 ` Reindl Harald
2021-06-27 19:43 ` Stephen Satchell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6c11cb87-6d80-8304-8f3f-59026ac8b682@thelounge.net \
--to=h.reindl@thelounge.net \
--cc=netfilter@vger.kernel.org \
--cc=vesely@tana.it \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.