Blacklist not updating (v1.667) [look in ipset list instead of iptables]
I tried to add a local blacklist entry, but it only runs
ip_blacklist SET network_ip_blacklist_clear
Even after restarting kiwid, there is no active iptables entry.
Comments
Using an individual iptables entry for each blacklist entry (global or local) has been replaced by using a single "ipset" list. This is because ipset lists are faster to maintain, and as a result this prevents the long delay in connecting as admin right after a server restart (due to config file locking interference).
So when you list the iptables entries (perhaps via the shell "ipt" alias) you will now only see the single entry "match-set ipset-kiwi src" in the "KIWI" chain. The "ipset list" command (alias "ips") now shows each individual blacklist entry.
I should have known that. It's really much faster. Thank you.