arptables classic doesn't have arptables-save, it only has a perl
script that attempts to emulate iptables-save. It supports no options,
and thus has no way to dump counters. Add -c option, like iptables to
enable this.
Signed-off-by: Florian Westphal <f...@strlen.de>
---
iptables/nft-arp.c | 17 +++++++++--------
iptables/xtables-save.c | 27 ++++++++++++++++++++++++++-
2 files changed, 35 insertions(+), 9 deletions(-)
diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index 3d2ae3bfc056..f9352297d83b 100644
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -570,6 +570,14 @@ after_devdst:
}
}
+static void nft_arp_save_counters(const void *data)
+{
+ const struct iptables_command_state *cs = data;
+
+ printf("[%llu:%llu] ", (unsigned long long)cs->arp.counters.pcnt,
+ (unsigned long long)cs->arp.counters.bcnt);
+}
+
static void
nft_arp_save_rule(const void *data, unsigned int format)
{
@@ -587,13 +595,6 @@ nft_arp_save_rule(const void *data, unsigned int format)
cs->target->save(&cs->arp, cs->target->t);
}
- if (!(format & FMT_NOCOUNTS)) {
- printf(", pcnt=");
- xtables_print_num(cs->arp.counters.pcnt, format);
- printf("-- bcnt=");
- xtables_print_num(cs->arp.counters.bcnt, format);
- }
-
if (!(format & FMT_NONEWLINE))
fputc('\n', stdout);
}
@@ -692,7 +693,7 @@ struct nft_family_ops nft_family_ops_arp = {
.print_header = nft_arp_print_header,
.print_rule = nft_arp_print_rule,
.save_rule = nft_arp_save_rule,
- .save_counters = NULL,
+ .save_counters = nft_arp_save_counters,
.save_chain = nft_arp_save_chain,
.post_parse = NULL,
.rule_to_cs = nft_arp_rule_to_cs,
diff --git a/iptables/xtables-save.c b/iptables/xtables-save.c
index 287117201c7b..bed3ee031899 100644
--- a/iptables/xtables-save.c
+++ b/iptables/xtables-save.c
@@ -43,6 +43,13 @@ static const struct option options[] = {
{NULL},
};
+static const struct option arp_save_options[] = {
+ {.name = "counters", .has_arg = false, .val = 'c'},
+ {.name = "version", .has_arg = false, .val = 'V'},
+ {.name = "modprobe", .has_arg = true, .val = 'M'},
+ {NULL},
+};
+
static const struct option ebt_save_options[] = {
{.name = "counters", .has_arg = false, .val = 'c'},
{.name = "version", .has_arg = false, .val = 'V'},
@@ -357,6 +364,24 @@ int xtables_arp_save_main(int argc, char **argv)
exit(1);
}
+ while ((c = getopt_long(argc, argv, "cM:V", arp_save_options, NULL)) !=
-1) {
+ switch (c) {
+ case 'c':
+ show_counters = true;
+ break;
+ case 'M':
+ xtables_modprobe_program = optarg;
+ break;
+ case 'V':
+ printf("%s v%s (nf_tables)\n", prog_name, prog_vers);
+ exit(0);
+ default:
+ fprintf(stderr,
+ "Look at manual page `xtables-save.8' for more
information.\n");
+ exit(1);
+ }
+ }
+
if (nft_init(&h, xtables_arp) < 0) {
fprintf(stderr, "%s/%s Failed to initialize nft: %s\n",
xtables_globals.program_name,
@@ -375,7 +400,7 @@ int xtables_arp_save_main(int argc, char **argv)
printf("*filter\n");
nft_chain_save(&h, nft_chain_list_get(&h), "filter");
- nft_rule_save(&h, "filter", FMT_NOCOUNTS);
+ nft_rule_save(&h, "filter", show_counters ? 0 : FMT_NOCOUNTS);
printf("\n");
nft_fini(&h);
return 0;
--
2.18.1
