On Thu, 17/04/2008 at 10:05 +0200, martin f krafft wrote:
> thus spoke Martijn Lievaart <m@xxxxxxx> [2008.04.16.2356 +0200]:
> >> echo "Applying new rules...";
> >> iptables-restore <new.txt;
> >> if [ "$?" -ne 0 ]; then
> >> echo "Dude, that failed horribly. (Old rules still intact.)";
> >> exit 1;
> >> fi
> >
> > Are you sure? I think it may have committed some tables already and
> > errored on another.
>
> No, I am not sure. But wouldn't that be a bug? iptables-restore
> gives the impression to be transaction-oriented. It should be
> all-or-nothing, I think.

By default iptables-save generates a file which COMMITs after each table.
Is it possible to COMMIT once for all tables at the end? If this is
possible - this will be the solution (all or nothing).

-- 
Покотиленко Костик <casper@xxxxxxxxxxxx>
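One way to approximate the all-or-nothing behaviour discussed in this message, as an added example that is not part of the original thread: snapshot the running rules, dry-run the new file with `iptables-restore --test`, and reload the snapshot if the real load fails. The function name `apply_rules`, its return codes and the `IPT_SAVE` / `IPT_RESTORE` override variables are assumptions made for this example.

```shell
#!/bin/sh
# Added example: load an iptables-save file with a dry run and a rollback.
# IPT_SAVE, IPT_RESTORE and apply_rules are names assumed for this example.
IPT_SAVE="${IPT_SAVE:-iptables-save}"
IPT_RESTORE="${IPT_RESTORE:-iptables-restore}"

# apply_rules FILE
#   0  new rules loaded
#   1  FILE rejected by the dry run, running rules untouched
#   2  load failed, previous rules put back from the snapshot
#   3  no snapshot could be taken, or the rollback failed as well
apply_rules() {
    _new="$1"
    _backup="$(mktemp)" || return 3

    # Snapshot every table of the running ruleset before touching anything.
    if ! $IPT_SAVE > "$_backup"; then
        rm -f "$_backup"
        return 3
    fi

    # --test parses and constructs the ruleset without committing it.
    if ! $IPT_RESTORE --test < "$_new"; then
        rm -f "$_backup"
        return 1
    fi

    # Real load. The file COMMITs per table, so a failure here may leave
    # earlier tables already replaced; that is the case the rollback covers.
    if $IPT_RESTORE < "$_new"; then
        rm -f "$_backup"
        return 0
    fi

    if $IPT_RESTORE < "$_backup"; then
        rm -f "$_backup"
        return 2
    fi
    echo "rollback failed, snapshot kept in $_backup" >&2
    return 3
}
# Usage: apply_rules new.txt || echo "new rules not applied (code $?)"
```

The rollback is a second load, not a transaction: between the failed load and the restore of the snapshot a mixed ruleset can be active for a short time.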