Mailinglist Archive: opensuse-factory (745 mails)

< Previous Next >
Re: [opensuse-factory] firewalld migration (was: Tumbleweed - Review of the week 2018/03)

On Thursday 2018-01-25 15:54, Matthias Gerstner wrote:

One thing that seems to be missing in firewalld is the equivalent of
I have not found a similar way of conditional loading of rules, depending on
the ability to load a module. Did I miss something?

well you _can_ load custom rules with firewalld, but without any
conditional logic.
Like Markos already suggested you might be able to design a script or
systemd service that runs after firewalld loads and adds such
conditional rules.

Hold my beer.

zypper in xtables-addons-kmp
iptables -m condition --condition c1 ...
echo -en '#!/bin/sh\necho 1 >/proc/net/nf_condition/c1\n' >/usr/local/sbin/s1
chmod a+x /usr/local/sbin/s1
echo 'install moduleinquestion /usr/local/sbin/s1; modprobe --ignore-install
moduleinquestion' >>/etc/modprobe.d/t1.conf
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups