On Nov 7 2007 14:44, Peter Warasin wrote:
>Jan Engelhardt wrote:
>
>> |adds --table to iptables-restore which allows to restore only the
>> |supplied table
>
>This patch is already applied. Should i fix your suggestions or leave it
>as it is?
Try changing, it's just the Subversion thing.
>> |- while ((c = getopt_long(argc, argv, "bcvthnM:", options, NULL)) != -1) {
>> |+ while ((c = getopt_long(argc, argv, "bcvthnM:T:", options, NULL)) != -1) {
>>
>> Use -t instead, that would go in line with the -t from iptables.
>
>-t is already --test, therefore i used -T
>I suggest changing --test to --dry-run (-d), so -t will turn free for
>--table, what do you think?
Is a dry-run option really needed? iptables-edit does not commit
any tables to the kernel, so the program in itself is already
in dry-run mode. If the resulting ruleset that iptables-edit will
generate is not loadable (e.g. xt_somemodule missing), then
iptables-restore should turn that up when trying to load the
bogus ruleset.
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
