-
Notifications
You must be signed in to change notification settings - Fork 6
Implement support for whitelists, default-deny/allow (rebase) #8
Conversation
@vyzo can we take another pass on this? |
@bigs can you look at the comment about the potential bug? |
@vyzo yeah, that was discussed in the original PR. i guess it's supposed to match the semantics of iptables |
Is there any update here? We really need this for github.com/prysmaticlabs/prysm |
@prestonvanloon thanks for raising the voice here. I've added this to my queue for tomorrow. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks good to me on a high level, I like that it keeps backward compatibility. 👏
Naming needs a cleanup, there's six names (block, reject, deny, allow, accept, whitelist) where two would be appropriate. Whitelist in particular isn't a good name because it's a metaphor that's easy to misunderstand or not understand at all.
There's also a bit of diff clutter because you renamed f
to fs
in some cases - it'll be easier to review without that rename. I'm fine with that type of change but it shouldn't be included in PRs that already contain significant changes on their own.
I'll take care of adjusting this PR in accordance with review feedback. |
looks much better. |
All done here. I've also reworked the commit history to group all contributions while retaining authorship. |
LGTM! thanks @raulk! |
Can this be merged? |
@prestonvanloon yes, let's do that 👍 |
@prestonvanloon released in v0.0.2; update with gomod! |
Rebasing #1 so that we can progress with it.