On 06/14/10 13:22, Taylor, Grant wrote:
Depending on how system agnostic you are trying to bee, processing the rule as if it were a command line (looking for individual pieces) will probably be the easiest to do.
Also remember that IPTables(-save) is going to give you the output of what is in kernel. Any host names that you specified in your rule will be translated to IPs and entered in the kernel as such. This could be even more tricky if you have host names that are being translated to dynamic IPs.
Grant. . . . -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
