On Mon, 20 Oct 2008 10:42:53 -0500, Sinister Midget wrote:

> On 2008-10-20, Terry Porter claimed:
>> On Wed, 15 Oct 2008 21:27:58 -0400, Erik Funkenbusch wrote:
>>
>> This stuff is iptables 101 Erik, WHAT are you doing messing around with
>> this stuff when you have NO CLUE?
>>
>> You can't even SPECIFY the problem properly!
>>
>> There is no 'UNLOAD' command there is only flushing the iptables
>> rulesets and naturally this BLOCKS everything.
>>
>> Usually this takes the form of :-
>> iptables -F
>> iptables -t nat -F
>>
>> I have a little shell script that I use as a last ditch recovery tool
>> should it be needed, and I leave this in the /root directory. It
>> flushes the iptables ruleset and then opens everything up, by ACCEPTING
>> all connections. *Don't* use this on your firewall while it's connected
>> to the Internet!
>>
>> ..................iptc.sh.......................
>> #!/bin/bash
>> # Clear all tables:-
>> iptables -F
>> iptables -t nat -F
>>
>> # Enable all inputs/outputs:-
>> iptables -A INPUT -i ethX -j ACCEPT
>> iptables -A INPUT -i lo -j ACCEPT
>> iptables -P OUTPUT ACCEPT
>> .............................................
>>
>> Loading a new ruleset over an existing is pretty much instant and
>> doesn't interfere with things (unless it removes important rulesets), I
>> know as I do this a lot myself.
>
> Which is exactly why I asked what it was he was doing.


I know.
I saw that post of yours and have commented in a followup.

> Even in a
> workaround situation (such as the script, or a modified one that sets up
> a lot of rules) it should happen so fast as to be undetectable, more
> like a quick network glitch. Certainly not a long laborious process the
> way he makes it sound.


So true, why it *almost* sounds like Erik is a ...... Wintroll! <shock horror>

>
> Hell, if it happens with frequency just cronjob the thing and it can
> take care of itself. If they're using Windwoes (my guess) they're
> already accustomed to long timeouts.


They're accustomed to all kinds of time wasting things that Linux users
would NOT put up with.

> They wouldn't even notice a
> split-second glitch every hour and a half that reset the rules. More
> than likely the desktops would all be in the middle of one of their
> frequent 10-second confused states anyway.


Thank God I haven't used Windows in 11 years, I couldn't bear that crap!

>
> But I never got any answers from Erik because he was already in a corner
> and had no place left to go. And he knew it.


Erik is an odd one, not infantile like the Wintroll-Children, not sad like
the Flatfish and not rude, he *seems* to make an effort to use Linux.

But Erik is stuck in a time warp as he had the same Linux problems when I
was last here in 2001.

This can only be intentional.





--
Linux full time, on the desktop, since August 1997
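
Added example, not part of the thread: `iptables -F` deletes rules but leaves each chain's policy in place, so what a flush leaves behind depends on those policies. The script below reads `iptables-save` text (a constructed sample here; the function names `after_flush` and `flush_verdict` are made up for this example) and reports, per built-in chain, the policy that remains and how many rules would be removed.

```shell
#!/bin/bash
# Added example: report what `iptables -F` would leave behind, from iptables-save text.
# -F removes rules but keeps each chain policy, so the policy decides the outcome.

# Constructed sample in iptables-save format (not taken from the thread).
SAMPLE_DUMP='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# after_flush <table>: reads iptables-save text on stdin and prints one line per
# built-in chain of that table: "<chain> <policy> <number of rules removed>"
after_flush() {
    awk -v want="$1" '
        /^\*/ { table = substr($0, 2); next }      # "*filter" starts a table
        table != want { next }
        /^:/ {
            chain = substr($1, 2)
            # user-defined chains show "-" instead of a policy; skip them
            if ($2 != "-") { policy[chain] = $2; order[++n] = chain }
            next
        }
        $1 == "-A" { rules[$2]++ }
        END {
            for (i = 1; i <= n; i++)
                printf "%s %s %d\n", order[i], policy[order[i]], rules[order[i]]
        }
    '
}

# flush_verdict <table> <chain>: "open" if the flushed chain accepts everything,
# "closed" if its policy drops, "unknown" if the chain is not in the dump.
flush_verdict() {
    after_flush "$1" | awk -v c="$2" '
        $1 == c { print ($2 == "ACCEPT" ? "open" : "closed"); found = 1 }
        END { if (!found) print "unknown" }'
}

printf '%s\n' "$SAMPLE_DUMP" | after_flush filter
```

On a live host the same functions take `iptables-save` output on stdin in place of the sample, which makes it a useful check before running a flush over a remote session.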