Change in shield-trigger-iptables for ipset support

[arnaudf92]

Hello,

As requested pls find the pull request for ipset support

[h0tw1r3]

Thanks for the submission, before I can review and test, please:

• rebase on the latest shield-trigger-iptables script
• only change what is necessary to implement ipset support,
• ensure sync support is implemented

[arnaudf92]

Hello,
Ok.
Could you pls elaborate a bit more on sync feature ?
I see this is basically an "iptables check" thing. Is it just purported for pam_shield to check if a database ip is indeed present in iptables rules (or ipset) ?

EDIT : could you pls confirm that sync cmd means "check a 'database IP' and insert it as a rule/member if not exists" ?

[h0tw1r3]

EDIT : could you pls confirm that sync cmd means "check a 'database IP' and insert it as a rule/member if not exists" ?

That's correct.

[arnaudf92]

Hello,
I've pushed a new version of the shield-trigger-iptables script.
You can see it on the "Files changed" tab.

[arnaudf92]

Hello,
I've just pushed a new version fixing lint errors

[arnaudf92]

Hello,

Should be ok ("all checks have passed").

[arnaudf92]

Hello,
No news since latest commit on May, 30th.
Any rework required ?