Victor Stinner wrote:
Hi,
I found a bug in iptables-save: when fopen("/proc/net/ip_tables_names") fails,
iptables-save just exits with code 0 (success). I expected an error to make
these commands work together:

$ iptables-save > /tmp/iptables-backup
$ iptables (...)
$ iptables-restore < /tmp/iptables-backup

The problem is that the ip_tables module is not loaded before the first
iptables command.

Workaround: load iptables kernel modules before calling iptables-save or check
that iptables-save is not empty.

Bugfix in iptables-save: exit with error code (1) on fopen failure => see
attached patch proposition. The error message could be "iptables kernel
module is not loaded (unable to open ...)" or something better. The most
important point is the exit code to make my bash script work :-)

Applied with a similar change for ip6tables-restore. Thanks Victor.
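
The workaround from the report (check that the dump is not empty), as an added shell example that is not part of the original thread. `save_rules` and `dump_is_usable` are hypothetical helper names, and the section check assumes the usual iptables-save layout of `*table` lines each closed by `COMMIT`.

```shell
#!/bin/sh
# Added example (not from the thread): keep a ruleset dump only when the save
# command succeeded AND its output looks complete, so an empty dump that came
# with exit code 0 never replaces a good backup.

# dump_is_usable FILE
# Returns 0 when FILE is non-empty, has at least one "*table" section and
# every section is closed by a COMMIT line.
dump_is_usable() {
    [ -s "$1" ] || return 1        # empty output: the failure mode in the report
    awk '
        /^\*/      { if (insec) bad = 1; insec = 1; tables++; next }
        /^COMMIT$/ { if (!insec) bad = 1; insec = 0; next }
        END        { exit (bad || insec || tables == 0) ? 1 : 0 }
    ' "$1"
}

# save_rules SAVE_CMD OUT
# Runs SAVE_CMD (for example iptables-save) into a temporary file next to OUT
# and renames it over OUT only after both checks pass.
save_rules() {
    save_cmd=$1
    out=$2
    tmp=$(mktemp "${out}.XXXXXX") || return 1
    if "$save_cmd" > "$tmp" && dump_is_usable "$tmp"; then
        mv "$tmp" "$out"
    else
        rm -f "$tmp"
        echo "refusing to keep empty or truncated dump from $save_cmd" >&2
        return 1
    fi
}
```

Writing to a temporary file first matters because a plain `>` redirect truncates the existing backup before the save command has produced anything.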