On Mon, Jul 20, 2020 at 09:46:21AM +0100, fraser kendall wrote: > I have upgraded several machines to Beowulf over the last few months. > It has only once been problematic, but that was probably due to student > error. However, there is an ongoing issue with the upgrade to > iptables-nft so before starting the upgrade I opened a separate > terminal and issued # watch iptables -L. I expected to see the existing > tables overwritten with the default (ACCEPT everything and anything) > and was ready to issue a prompt # iptables-restore < /existing/rule/set > > However, what I was not prepared for was to see that, during the > download process and before the upgraded iptables package was > installed, the 'watching' terminal suddenly report that the iptables > command couldn't be found. It was over 5 minutes before the watching > terminal reported the expected 'upgraded' ruleset. I have two > questions. > > 1) Does this mean that during the upgrade process to Beowulf, there is > a minutes-long window during which the machine has no firewall at all? > > 2) Is this sufficiently alarming as to constitute a bug?
And did iptables work after the whole upgrade was finished? Did it still work as you intended? -- hendrik > > Best wishes > > fraser > > > _______________________________________________ > Dng mailing list > Dng@lists.dyne.org > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
