On Sun, Sep 09, 2001 at 10:54:46AM +0800, Ian C. Sison wrote: > Agreed. BTW, Looking over the KNOWN_BUGS for iptables 1.2.2, it said > > "4) iptables-restore and -save still have problems. Sorry." > > I just feel good that someone's on it. The people at mandrake are quite > packaging the "bigger picture" to be bothered by this problem, which > really seems like quite a show stopper for those wanting to use iptables > with the initscripts. I don't think it's a show stopper. I think it's a minor nuisance. I use iptables with the init scripts and it works just fine. All you have to do is one of two things. Either put your data in the same format iptables-save uses. Or put it in via the iptables the way you want it and then use iptables-save to write the file. "/etc/init.d/iptables save" will write the file for you. After having looked at iptables-restore for several hours today it would require rewritting iptables-restore from scratch to support what you want. I don't see the value in it and I doubt anybody else is going to. I'm just gonna write the patch that makes iptables-restore print an error message and exit out. Currently I'm using "Line %u does not appear to be valid iptables-save data.\n" I figure that will give those who are confused a hint. -- Ben Reser <[EMAIL PROTECTED]> http://ben.reser.org Just when you think you're not in Kansas anymore, turns out you are! - Colonel Jack O'Neill SG1
