If quotes are escaped, nft -f is unable to parse and load the translated ruleset. Signed-off-by: Pablo M. Bermudo Garay <pablombg@xxxxxxxxx> --- iptables/xtables-translate.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c index 3c577ed..914d3b1 100644 --- a/iptables/xtables-translate.c +++ b/iptables/xtables-translate.c @@ -72,6 +72,11 @@ int xlate_action(const struct iptables_command_state *cs, bool goto_set, .numeric = numeric, .escape_quotes = true, }; + if (!strcmp(xtables_globals.program_name, + "iptables-translate-restore") || + !strcmp(xtables_globals.program_name, + "ip6tables-translate-restore")) + params.escape_quotes = false; ret = cs->target->xlate(xl, ¶ms); } else @@ -100,6 +105,12 @@ int xlate_matches(const struct iptables_command_state *cs, struct xt_xlate *xl) .escape_quotes = true, }; + if (!strcmp(xtables_globals.program_name, + "iptables-translate-restore") || + !strcmp(xtables_globals.program_name, + "ip6tables-translate-restore")) + params.escape_quotes = false; + if (!matchp->match->xlate) return 0; -- 2.9.3 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
