shawn wilson <ag4ve...@gmail.com> wrote: > On Fri, Oct 4, 2013 at 5:58 PM, Michael Orlitzky <mich...@orlitzky.com> wrote: > >> >> 1. The iptables-restore syntax is uglier and harder to read. > > I don't get this - the syntax is [...] > What am I missing or how is this uglier?
Argument separation (e.g. if you have arguments with spaces); it seems to work most of the time if you quote into "..." and escape backslash and doublequote signs inside with backslash (this is what the mentioned script of firewall-mv does), but there are cases where this is not accepted; e.g. quoting every word was not accepted. Since the format is undocumented, this is all ugly trial-and-error, and only the iptable maintainers know whether it remains the same in the next iptables release.