[Tails-dev] Please review feature/use_ferm

Delete this message

Reply to this message
Autor: Ague Mill
Data:  
A: tails-dev
Assumpte: [Tails-dev] Please review feature/use_ferm
Hi!

The branch feature/use_ferm turns our DIY iptables-restore script into a
ferm configuration file. See <https://tails.boum.org/todo/ferm/> for
details.

Comparing the output of `iptables-save` with the one of 0.13, I have
only this minor difference:

--A OUTPUT -d 127.0.0.1/32 -o lo -p tcp -m owner --uid-owner amnesia -m tcp --dport 9051 --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
+-A OUTPUT -d 127.0.0.1/32 -o lo -p tcp -m owner --uid-owner amnesia -m tcp --dport 9051 -j ACCEPT

Which, as a matter of consistency, is probably better.

Reviews welcome, candidate for the next major release.

--
Ague