[PATCH v5] Hello Pablo, Le 03/04/2019 à 20:21, Pablo Neira Ayuso a écrit : > Hi Alban, > > On Sun, Mar 03, 2019 at 02:31:30PM +0100, Alban Vidal wrote: >> From: Alban VIDAL <alban.vidal@xxxxxxxxxx> >> >> Add a new '-Z' (or '--zero') option to iptables-save to show zeroed >> counters for chains when saving rulesets. >> >> This option is particularly useful when using a version control system >> (like git) to track the saved iptables rules, to minimize the delta >> between different ruleset versions. >> >> The option is also added to xtables-save to keep compatibility on the >> command line, however the functionality is not implemented yet. > This patch does not apply, it seems your mail client has mangled the > attachment. I've compressed the new patches in the attached .tar.gz file. > I wonder if this -Z semantics for iptables-save might be confusing. > Telling this because iptables -L -z makes an atomic list and reset, so > first time shows the existing counter values, so next time you call > iptables -L shows zeroed counters. > > Probably you can use -z (lowercase) --print-zero-counters, so we > reserve -Z in case we ever need something similar in the future for > iptables-save that matches the exact behaviour of iptables -L -Z. > Yes sure I understand. I've modified the options as you proposed: '-z' and '--print-zero-counters' I could not compile, I've an issue with nftnl library --even before those patches-- I hope it will be good for you. Regards, Alban
Attachment:
PATCH-v5-iptables-save-add-option.tar.gz
Description: application/gzip
