[
https://issues.apache.org/jira/browse/BROOKLYN-36?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14058522#comment-14058522
]
ASF GitHub Bot commented on BROOKLYN-36:
----------------------------------------
Github user andreaturli commented on a diff in the pull request:
https://github.com/apache/incubator-brooklyn/pull/62#discussion_r14809842
--- Diff:
utils/common/src/main/java/brooklyn/util/ssh/IptablesCommands.java ---
@@ -93,7 +93,7 @@ public static String iptablesServiceStatus() {
*/
public static String saveIptablesRules() {
return BashCommands.alternatives(
- BashCommands.ifExecutableElse1("iptables-save",
sudo("iptables-save")),
+ BashCommands.ifExecutableElse1("apt-get",
BashCommands.installPackage("iptables-persistent")),
--- End diff --
Thanks @ahgittin for your comments.
My idea is slightly different: I wanted to make the `saveIptablesRules`
more portable across distros.
For rhel/centos the suggested way is to use `service iptables save` while
for debian/ubuntu it is available a package called `iptables-persistent` which
install a service on the box that save the iptables rules any time they change,
afaik.
Instead `iptables-save` seems misused here as it is generally useful when
you want to export iptables rules to a file using i.e.: `iptables-save >
/etc/sysconfig/iptables` and then `iptables-restore < /etc/sysconfig/iptables`
but this doesn't look helpful here. wdyt?
> IptablesCommands.saveIptablesRules doesn't work as expected
> -----------------------------------------------------------
>
> Key: BROOKLYN-36
> URL: https://issues.apache.org/jira/browse/BROOKLYN-36
> Project: Brooklyn
> Issue Type: Bug
> Reporter: Andrea Turli
> Assignee: Andrea Turli
> Priority: Minor
> Fix For: 0.7.0-SNAPSHOT
>
>
> This needs to be revisited as the behavior is not as described at
> http://www.thomas-krenn.com/en/wiki/Saving_Iptables_Firewall_Rules_Permanently,
> for example
--
This message was sent by Atlassian JIRA
(v6.2#6252)
