diff options
| author | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net </C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net> | 2007-07-17 17:02:04 +0000 |
|---|---|---|
| committer | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net </C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net> | 2007-07-17 17:02:04 +0000 |
| commit | 79982776b088b66d4e84abb13015afd9e012fa53 (patch) | |
| tree | 878bfcb064752ccc5b81211fff49daf6bf2fdb1c /xtables.c | |
| parent | 36e49158ea17e40a902bdeeb8dfa4002d581955c (diff) | |
[PATCH] iptables-xml
Attached are:
1. A man page for iptables-xml
2. A fix for iptables.xslt allowing for an arbitrary depth of arguments
or modifiers.
Although iptables-xml cannot generate more than two levels deep, xml
generated by other systems may prefer to generate
<action>
<restore-mark>
<mask>0xff00</mask>
</restore-mark>
</action>
than
<action>
<restore-mark/>
<mask>0xff00</mask>
</action>
(which is what iptables-xml generates)
even though the same iptables is re-generated on conversion.
3. A fix for iptables-xml.c so that combining of consecutive targets of
rules with the same match into one XML rule, will not combine over a
terminating action; i.e. there is no point in converting
-A table -p tcp -j DROP
-A table -p tcp -j MARK --set-mark 25
-A table -p tcp -j RETURN
into one XML rule with multiple actions as they are probably not
logically combined in the mind of the author.
Signed-off by: Sam Liddicott <azez@ufomechanic.net>
Diffstat (limited to 'xtables.c')
0 files changed, 0 insertions, 0 deletions