[iptables] mark: fix invalid iptables-save output

Pablo Neira netfilter-cvslog-bounces at lists.netfilter.org
Mon Sep 29 08:52:10 CEST 2008 

Gitweb:		http://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commit;h=3cc6fc3cbf26b847ba7232ff220b74e74e72c219
commit 3cc6fc3cbf26b847ba7232ff220b74e74e72c219
Author:     Pablo Sebastian Greco <pablo at fliagreco.com.ar>
AuthorDate: Mon Sep 29 08:51:32 2008 +0200
Commit:     Pablo Neira Ayuso <pablo at netfilter.org>
CommitDate: Mon Sep 29 08:51:32 2008 +0200

    mark: fix invalid iptables-save output
    
    When a neg mark is saved via iptables-save it is saved as !--mark,
    but this is not recognized by iptables-restore, just adding a
    space to the saved file to make it look like "! --mark" makes
    iptables-restore accept the file.
    
    Signed-off-by: Pablo Sebastian Greco <pablo at fliagreco.com.ar>
    Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
       via  3cc6fc3cbf26b847ba7232ff220b74e74e72c219 (commit)
      from  4eb03c8e087c4cc438f2cbc0ff6a5e9b85f6d4fb (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 3cc6fc3cbf26b847ba7232ff220b74e74e72c219
Author: Pablo Sebastian Greco <pablo at fliagreco.com.ar>
Date:   Mon Sep 29 08:51:32 2008 +0200

    mark: fix invalid iptables-save output
    
    When a neg mark is saved via iptables-save it is saved as !--mark,
    but this is not recognized by iptables-restore, just adding a
    space to the saved file to make it look like "! --mark" makes
    iptables-restore accept the file.
    
    Signed-off-by: Pablo Sebastian Greco <pablo at fliagreco.com.ar>
    Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>

-----------------------------------------------------------------------

 extensions/libxt_mark.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
When a neg mark is saved via iptables-save it is saved as !--mark,
but this is not recognized by iptables-restore, just adding a
space to the saved file to make it look like "! --mark" makes
iptables-restore accept the file.

Signed-off-by: Pablo Sebastian Greco <pablo at fliagreco.com.ar>
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>

diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c
index 4ee29e7..811cc77 100644
--- a/extensions/libxt_mark.c
+++ b/extensions/libxt_mark.c
@@ -125,7 +125,7 @@ static void mark_mt_save(const void *ip, const struct xt_entry_match *match)
 	const struct xt_mark_mtinfo1 *info = (const void *)match->data;
 
 	if (info->invert)
-		printf("!");
+		printf("! ");
 
 	printf("--mark ");
 	print_mark(info->mark, info->mask);

More information about the netfilter-cvslog mailing list