Mailinglist Archive: opensuse-bugs (12871 mails)

[Bug 462482] iptables-batch: raison d'être
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Wed, 7 Jan 2009 01:52:04 -0700 (MST)
  • Message-id: <20090107085204.7EEDC245390@xxxxxxxxxxxxxxxxxxxxxx>
https://bugzilla.novell.com/show_bug.cgi?id=462482

User jengelh@xxxxxxxxxx added comment
https://bugzilla.novell.com/show_bug.cgi?id=462482#c2


Jan Engelhardt <jengelh@xxxxxxxxxx> changed:

        What|Removed                     |Added
----------------------------------------------------------------------------
    Severity|Normal                      |Enhancement
      Status|RESOLVED                    |REOPENED
   Component|Network                     |Network
     Product|openSUSE 11.1               |openSUSE 11.2
  Resolution|INVALID                     |




--- Comment #2 from Jan Engelhardt <jengelh@xxxxxxxxxx> 2009-01-07 01:52:03 MST ---
At the time I introduced iptables-batch I posted it upstream
but there was no interest in merging it.

It indeed looks very redundant, hence this BZ item.

but then one would need a wrapper that orders the calls by
chain/table first.

The only order you need is per table. So realistically it is doable with less
than 5 variables, one for each table. With some tempfiles, any number of tables
are possible:

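# $tmpdir must point to an existing, empty directory set up by the caller.

# Queue one iptables-style call in the per-table file "$tmpdir/<table>".
function iptables_add()
{
	local table;
	local chain;

	# Default table, unless the call starts with "-t <table>".
	table="filter";
	if [[ "$1" == "-t" ]]; then
		table="$2";
		shift 2;
	fi;
	if [[ "$1" == "-P" ]]; then
		# Policy for a built-in chain: ":CHAIN POLICY [0:0]"
		echo ":$2 $3 [0:0]" >>"$tmpdir/$table";
	elif [[ "$1" == "-N" ]]; then
		# Declaration of a user-defined chain: ":CHAIN - [0:0]"
		echo ":$2 - [0:0]" >>"$tmpdir/$table";
	else
		# Any other call is written out as a rule line.
		echo "$@" >>"$tmpdir/$table";
	fi;
}

# Feed each per-table file to iptables-restore as one "*table ... COMMIT" block.
function iptables_emit()
{
	local table;
	local i;

	for i in "$tmpdir"/*; do
		# The file name is the table name.
		table="${i##*/}";
		{ echo "*$table"; cat "$i"; echo "COMMIT"; } | \
			iptables-restore;
	done;
}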


--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
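
A variant of the per-table batching described in the comment above, added here as an example and not part of the original mail: it goes a step further by emitting chain declarations before rules, quoting arguments that contain spaces, and printing the iptables-restore input instead of applying it. The batch_* function names and the scratch directory are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original mail); batch_* names are hypothetical.
batch_dir=$(mktemp -d) || exit 1      # private scratch directory
trap 'rm -rf "$batch_dir"' EXIT

# Quote one argument for iptables-restore: bare when safe, otherwise
# double-quoted with backslash and double quote escaped.
batch_quote() {
    case $1 in
        *" "*|*'"'*|*'\'*|'')
            printf '"%s"' "$(printf '%s' "$1" | sed 's/[\\"]/\\&/g')" ;;
        *)  printf '%s' "$1" ;;
    esac
}

# Queue one iptables-style call under its table (default: filter).
batch_add() {
    table=filter
    if [ "$1" = "-t" ]; then table=$2; shift 2; fi
    # The table name becomes a file name: accept lowercase letters only.
    case $table in *[!a-z]*|'') return 1 ;; esac
    : >>"$batch_dir/$table.chains"; : >>"$batch_dir/$table.rules"
    case $1 in
        -P) printf ':%s %s [0:0]\n' "$2" "$3" >>"$batch_dir/$table.chains" ;;
        -N) printf ':%s - [0:0]\n' "$2" >>"$batch_dir/$table.chains" ;;
        *)  line=
            for arg in "$@"; do
                line="$line${line:+ }$(batch_quote "$arg")"
            done
            printf '%s\n' "$line" >>"$batch_dir/$table.rules" ;;
    esac
}

# Print one *table ... COMMIT section per table, declarations before rules.
batch_render() {
    for f in "$batch_dir"/*.rules; do
        [ -e "$f" ] || continue
        table=${f##*/}; table=${table%.rules}
        printf '*%s\n' "$table"
        cat "$batch_dir/$table.chains" "$f"
        printf 'COMMIT\n'
    done
}

# Constructed sample calls; SSHIN is used before it is declared.
batch_add -P INPUT DROP
batch_add -t nat -A POSTROUTING -o eth0 -j MASQUERADE
batch_add -A INPUT -p tcp --dport 22 -m comment --comment "allow ssh" -j SSHIN
batch_add -N SSHIN
batch_add -A SSHIN -j ACCEPT
batch_render    # pipe into `iptables-restore --test` to parse without committing
```
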