[Bug 699] please add new options to iptables-restore to continue on error and suppress error output
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Fri May 17 17:44:49 CEST 2013
https://bugzilla.netfilter.org/show_bug.cgi?id=699
Pablo Neira Ayuso <pablo at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |pablo at netfilter.org
Resolution| |WONTFIX
--- Comment #2 from Pablo Neira Ayuso <pablo at netfilter.org> 2013-05-17 17:44:48 CEST ---
(In reply to comment #1)
> Some of those ip ranges may already exist in the filter table before iptables
> restore is executed.
You don't explain why those rules are already there and who is adding those.
There are many reasons why iptables-restore may fail to load a rule, not only
duplicates. It may lead to having load an inconsistent rule-set. I'm reticent
to add this feature, it's resolving a very specific use-case in which some
important information is missing.
--
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the netfilter-buglog
mailing list