On Sun, 27 Jun 2021 12:56:18 -0700 Stephen Satchell <list@xxxxxxxxxxxx> wrote: > On 6/27/21 12:07 PM, Kerin Millar wrote: > > Use of shell redirection is optional in this case but I would caution > > against making it a habit in conjunction with the use of sudo. > > I believe your statement is not distribution-safe. Red Hat's > implementation of ip[6]tables-restore does not implement reading a file. > Ubuntu's implementation of ip[6]tables-restore does. > > This observation is backed up by viewing "iptables-restore -h". > > That said, I suspect that Debian would use substantially the same > version of iptables-restore that Ubuntu does, so your observation would > be applicable. Debian 10 was mentioned but yes, it has not always been possible to supply a pathname as an argument. For those with an older userspace, the problem can thus be avoided by simply running `sudo -i` to obtain an interactive root shell or by running `sudo sh -c 'iptables-restore < my.rules'`, among other methods. -- Kerin Millar
