I have upgraded several machines to Beowulf over the last few months. It has only once been problematic, but that was probably due to student error. However, there is an ongoing issue with the upgrade to iptables-nft so before starting the upgrade I opened a separate terminal and issued # watch iptables -L. I expected to see the existing tables overwritten with the default (ACCEPT everything and anything) and was ready to issue a prompt # iptables-restore < /existing/rule/set
However, what I was not prepared for was to see that, during the download process and before the upgraded iptables package was installed, the 'watching' terminal suddenly report that the iptables command couldn't be found. It was over 5 minutes before the watching terminal reported the expected 'upgraded' ruleset. I have two questions. 1) Does this mean that during the upgrade process to Beowulf, there is a minutes-long window during which the machine has no firewall at all? 2) Is this sufficiently alarming as to constitute a bug? Best wishes fraser _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
