Phil Sutter <phil@xxxxxx> wrote:
> > Huh?
> > iptables-restore < bla
> > iptables-restore v1.8.8 (nf_tables): unknown option "--bla"
> > Error occurred at line: 7 Try `iptables-restore -h' or 'iptables-restore --help' for more information.
> >
> > ... exits with 2.
> >
> > Can you give an example?
>
> # nft add table ip filter '{ chain FORWARD { \
> type filter hook forward priority filter; \
> ip saddr 10.1.2.3 meta cpu 3 counter accept; }; }'
>
> # nft list ruleset
> table ip filter {
> chain FORWARD {
> type filter hook forward priority filter; policy accept;
> ip saddr 10.1.2.3 meta cpu 3 counter packets 0 bytes 0 accept
> }
> }
>
> # iptables-nft -S FORWARD
> -P FORWARD ACCEPT
> -A FORWARD -s 10.1.2.3/32 -j ACCEPT
> # echo $?
> 0
Ah. I thought you were talking about iptables-restore/rule parsing.
