On Tue, Aug 16, 2016 at 07:44:33PM +0200, Pablo M. Bermudo Garay wrote: > If quotes are escaped, nft -f is unable to parse and load the translated > ruleset. > > Signed-off-by: Pablo M. Bermudo Garay <pablombg@xxxxxxxxx> > --- > iptables/xtables-translate.c | 11 +++++++++++ > 1 file changed, 11 insertions(+) > > diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c > index 3c577ed..914d3b1 100644 > --- a/iptables/xtables-translate.c > +++ b/iptables/xtables-translate.c > @@ -72,6 +72,11 @@ int xlate_action(const struct iptables_command_state *cs, bool goto_set, > .numeric = numeric, > .escape_quotes = true, > }; > + if (!strcmp(xtables_globals.program_name, > + "iptables-translate-restore") || > + !strcmp(xtables_globals.program_name, > + "ip6tables-translate-restore")) > + params.escape_quotes = false; > ret = cs->target->xlate(xl, ¶ms); > } > else I can see a 'bool restore' in do_command_xlate() provides this context, you can probably propagate this. This strcmp() is ugly using the global. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
