This appears to be confusing. Since a missing table is also not flushed
("restored") when feeding the dump into iptables-restore, such a restore
call may be considered incomplete.
Reported-by: Jean-Paul Calderone <jean-paul@xxxxxxxxxxxxxxxxx>
Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=960
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
iptables/iptables-save.8.in | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/iptables/iptables-save.8.in b/iptables/iptables-save.8.in
index 7683fd3780f72..cea972bcd6e0e 100644
--- a/iptables/iptables-save.8.in
+++ b/iptables/iptables-save.8.in
@@ -52,7 +52,10 @@ restrict output to only one table. If the kernel is configured with automatic
module loading, an attempt will be made to load the appropriate module for
that table if it is not already there.
.br
-If not specified, output includes all available tables.
+If not specified, output includes all available tables. No module loading takes
+place, so in order to include a specific table in the output, the respective
+module (something like \fBiptable_mangle\fP or \fBip6table_raw\fP) must be
+loaded first.
.SH BUGS
None known as of iptables-1.2.1 release
.SH AUTHORS
--
2.40.0
