[Bug 790] Normalize iptables rules

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Mon Jun 24 11:34:46 CEST 2013


https://bugzilla.netfilter.org/show_bug.cgi?id=790

--- Comment #5 from Andor <tothandor at gmail.com> 2013-06-24 11:34:44 CEST ---
ipt1 is an output of a firewall script mainly edited by hand, where parameters
order may vary.
ipt2 is the output of iptables-save, where parameters are strictly ordered.

As written before, the difference in parameter order spoils the comparison of
two rulesets, and gives false differences.
Also parameter parsing is complex, thus they could not be simply sorted or
reparsed the same way iptables does.

-- 
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.



More information about the netfilter-buglog mailing list