On Thursday 2009-03-19 14:50, Soren Hansen wrote: >On Thu, Mar 19, 2009 at 02:05:54PM +0100, Patrick McHardy wrote: >>>> If the iptables modules are not loaded when iptables-save is run, >>>> iptables-save will fail, because it can't open the relevant files in >>>> /proc. This patch makes iptables-save attempt to load the modules, >>>> and then retries. > >Right. I thought about just silently bailing out, but decided to go this >route instead. Explanation follows. > >$ sudo iptables-save >iptables-save v1.4.1.1: Unable to open /proc/net/ip_tables_names: No such file or directory >$ echo $? >1 > >I decided to try to load the modules instead of just silently returning, IMHO, it should not fail, not even silently, but return success. If x_tables.ko is not loaded, there cannot be any tables active anyway, and thus would be equal to a loaded x_tables.ko with no table modules (iptable_filter, etc.) loaded. >so that if iptables-save succeeds, you can reasonably expect >iptables-restore to work as well. `echo '' | iptables-restore` does work. One more reason to make iptables-save not outputting anything returning 0. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
