Any though of having archlinux-keyring-wkd-sync check for iptables and recommend rule?

20 Sep 2023

      Archdevs,

   Depending on how restrictive the iptables rules, if the IP for 
archlinux-keyring-wkd-sync falls into a blocked range, the logs quickly fill. 
An idea is to have the service insert a temporary rule to either (1) allow the 
IP for the sync check, or (2) allow established, related connections while the 
service runs.

   It may also be worth updating the wiki to provide model rules for 
iptables/nftables to allow archlinux-keyring-wkd-sync to run successfully.

   Just food for thought.

-- 
David C. Rankin, J.D.,P.E.