On Thursday 2012-03-29 12:21, Sebastian Arcus wrote:
> Hi Jan
>
> On 29/03/12 11:00, Jan Engelhardt wrote:
>>
> </snip>
>>
>> The caveat with the kernel timezone is that Linux distributions may
>> ignore to set the kernel timezone, and instead only set the system
>> time. Even if a particular distribution does set the timezone at boot,
>> it is usually does not keep the kernel timezone offset - which is what
>> changes on DST - up to date. ntpd will not touch the kernel timezone,
>> so running it will not resolve the issue. As such, one may encounter a
>> timezone that is always +0000, or one that is wrong half of the time of
>> the year. As such, using --kerneltz is highly discouraged.
>>
> Thanks for taking the time to give a detailed reply. Just to make sure I
> understand correctly - would this mean that there is no reliable way to run
> time based iptables rules and have them keep up with DST changes correctly and
> automatically - without restarting the machine when the DST kicks in or out?
UTC is reliable, no? :)
If you can reliably update the kernel TZ [that is, whenever a DST switch
occurs], you can reliably match on non-UTC. This is possible from
userspace (anything else would be surprising, since the kernel does
not read arbitrary files).
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
[Linux Netfilter Development]
[Linux Kernel Networking Development]
[Linux Networking Development]
[Linux Kernel Development]
[Linux Resources]
[LARTC]
[Bugtraq]
[Consulting]
[Free Internet Dating]
[Yosemite Forum]
[Photo]
