arptables classic doesn't have arptables-save, it only has a perl script that attempts to emulate iptables-save. It supports no options, and thus has no way to dump counters. Add -c option, like iptables to enable this. Signed-off-by: Florian Westphal <fw@xxxxxxxxx> --- iptables/nft-arp.c | 17 +++++++++-------- iptables/xtables-save.c | 27 ++++++++++++++++++++++++++- 2 files changed, 35 insertions(+), 9 deletions(-) diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c index 3d2ae3bfc056..f9352297d83b 100644 --- a/iptables/nft-arp.c +++ b/iptables/nft-arp.c @@ -570,6 +570,14 @@ after_devdst: } } +static void nft_arp_save_counters(const void *data) +{ + const struct iptables_command_state *cs = data; + + printf("[%llu:%llu] ", (unsigned long long)cs->arp.counters.pcnt, + (unsigned long long)cs->arp.counters.bcnt); +} + static void nft_arp_save_rule(const void *data, unsigned int format) { @@ -587,13 +595,6 @@ nft_arp_save_rule(const void *data, unsigned int format) cs->target->save(&cs->arp, cs->target->t); } - if (!(format & FMT_NOCOUNTS)) { - printf(", pcnt="); - xtables_print_num(cs->arp.counters.pcnt, format); - printf("-- bcnt="); - xtables_print_num(cs->arp.counters.bcnt, format); - } - if (!(format & FMT_NONEWLINE)) fputc('\n', stdout); } @@ -692,7 +693,7 @@ struct nft_family_ops nft_family_ops_arp = { .print_header = nft_arp_print_header, .print_rule = nft_arp_print_rule, .save_rule = nft_arp_save_rule, - .save_counters = NULL, + .save_counters = nft_arp_save_counters, .save_chain = nft_arp_save_chain, .post_parse = NULL, .rule_to_cs = nft_arp_rule_to_cs, diff --git a/iptables/xtables-save.c b/iptables/xtables-save.c index 287117201c7b..bed3ee031899 100644 --- a/iptables/xtables-save.c +++ b/iptables/xtables-save.c @@ -43,6 +43,13 @@ static const struct option options[] = { {NULL}, }; +static const struct option arp_save_options[] = { + {.name = "counters", .has_arg = false, .val = 'c'}, + {.name = "version", .has_arg = false, .val = 'V'}, + {.name = "modprobe", .has_arg = true, .val = 'M'}, + {NULL}, +}; + static const struct option ebt_save_options[] = { {.name = "counters", .has_arg = false, .val = 'c'}, {.name = "version", .has_arg = false, .val = 'V'}, @@ -357,6 +364,24 @@ int xtables_arp_save_main(int argc, char **argv) exit(1); } + while ((c = getopt_long(argc, argv, "cM:V", arp_save_options, NULL)) != -1) { + switch (c) { + case 'c': + show_counters = true; + break; + case 'M': + xtables_modprobe_program = optarg; + break; + case 'V': + printf("%s v%s (nf_tables)\n", prog_name, prog_vers); + exit(0); + default: + fprintf(stderr, + "Look at manual page `xtables-save.8' for more information.\n"); + exit(1); + } + } + if (nft_init(&h, xtables_arp) < 0) { fprintf(stderr, "%s/%s Failed to initialize nft: %s\n", xtables_globals.program_name, @@ -375,7 +400,7 @@ int xtables_arp_save_main(int argc, char **argv) printf("*filter\n"); nft_chain_save(&h, nft_chain_list_get(&h), "filter"); - nft_rule_save(&h, "filter", FMT_NOCOUNTS); + nft_rule_save(&h, "filter", show_counters ? 0 : FMT_NOCOUNTS); printf("\n"); nft_fini(&h); return 0; -- 2.18.1