I see. Thanks for the explanation!
On Tue, Oct 22, 2013 at 10:15 PM, Michael Orlitzky <mich...@orlitzky.com> wrote: > On 10/22/2013 10:02 AM, Linlin Yan (颜林林) wrote: >> Hi there, >> >> After net-firewall/iptables-1.4.16.3 (amd64) installed, I occasionally >> found that it put iptables-xml ('s symbolic link) in /usr/bin/, but >> other tools (like iptables-restore and iptables-save) are not. Is >> there any trick about this? >> > > The others are in /sbin because, > > a) They can't be run by anyone other than root > > b) You want them available at boot time > > But as a normal user, suppose I have an old iptables-save dump lying > around. There's no problem with me running iptables-xml on it, since > that will just read a file and write some XML to stdout. No special > privileges necessary. > >