[Bug 580] iptables-restore and iptables-save lack comparison of a saved ruleset against the currently deployed rules

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Mon Jun 24 18:37:55 CEST 2013


https://bugzilla.netfilter.org/show_bug.cgi?id=580

Phil Oester <netfilter at linuxace.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |netfilter at linuxace.com
         Resolution|                            |WONTFIX

--- Comment #3 from Phil Oester <netfilter at linuxace.com> 2013-06-24 18:37:54 CEST ---
We cannot alter the default behavior of iptables-save, since admins are
potentially relying upon the current output in scripts.  However, what you want
to achieve is trivially done with userspace.  See below.

for table in $(sort /proc/net/ip_tables_names) ; do
    iptables-save -t $table | sed '/^#/d ; s/\[.*$//'
done 

Output that to a text file and use diff to test for differences.

Closing.

-- 
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.



More information about the netfilter-buglog mailing list