On Thu, Mar 19, 2009 at 02:05:54PM +0100, Patrick McHardy wrote:
>>> If the iptables modules are not loaded when iptables-save is run,
>>> iptables-save will fail, because it can't open the relevant files in
>>> /proc. This patch makes iptables-save attempt to load the modules,
>>> and then retries.
>> Is this the correct list for this?
> It is. The patch seems rather pointless though, if the module isn't
> loaded, there's obviously nothing to save.

Right. I thought about just silently bailing out, but decided to go this
route instead. Explanation follows.

>> If the iptables modules are not loaded when iptables-save is run,
>> iptables-save will fail
> What does "fail" mean in this context?

$ sudo iptables-save
iptables-save v1.4.1.1: Unable to open /proc/net/ip_tables_names: No such file or directory
$ echo $?
1

I decided to try to load the modules instead of just silently returning,
so that if iptables-save succeeds, you can reasonably expect
iptables-restore to work as well. I would be quite surprised if I found
that the firewall rules I just saved (perhaps not realising that there
weren't any) couldn't be loaded again, which is what you'd get if your
system had no iptables support at all.

-- 
Soren Hansen | Lead Virtualisation Engineer | Ubuntu Server Team
Canonical Ltd. | http://www.ubuntu.com/