On Tuesday 2011-04-05 11:49, Maciej Åenczykowski wrote:
>From: Maciej Åenczykowski <maze@xxxxxxxxxx>
>
>I'm posting this mostly to inspire discussion.
>
>I'd like to merge iptables-multi and ip6tables-multi
>into a single multi-purpose binary xtables-multi.
>
>I can think of a few ways to do this... any preferences?
>
>a) we delete iptables-multi and ip6tables-multi and only build xtables-multi
>which depending on whether we're including v4 and/or v6 has different capabilities
>unfortunately we lose support for 'iptables-multi save', since with 'xtables-multi save'
>it would not be clear whether ipv4 or ipv6 was meant
There is only one time when you want to use `iptables-multi save`, and
that is when you are running it from within the object directory you
just compiled. In a standard system, i.e. where iptables is in
/usr/sbin, the symlinks will be used.
Since iptables/iptables-save/iptables-restore are currently symlinks to
iptables-multi, and the action is determined by looking at argv[0],
changing iptables-multi into xtables-multi merely means augmenting the
name checks. (/usr/sbin/)iptables-multi and ip6tables-multi can then
simply be removed.
As for the in-object-dir build, just add recognition for a "save6"
string.
>+ {"iptables", iptables_main},
>+ {"iptables-save", iptables_save_main},
>+ {"iptables-restore", iptables_restore_main},
>+ {"iptables-xml", iptables_xml_main},
>+ {"ip6tables", ip6tables_main},
>+ {"ip6tables-save", ip6tables_save_main},
>+ {"ip6tables-restore", ip6tables_restore_main},
>+ {NULL},
Just like this.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
