diff options
| author | Phil Sutter <phil@nwl.cc> | 2022-08-25 11:53:04 +0200 |
|---|---|---|
| committer | Phil Sutter <phil@nwl.cc> | 2022-08-26 15:19:07 +0200 |
| commit | c70a33d219ccb43e6f59aa1b9bbab5dcb13f3443 (patch) | |
| tree | 124033da3695a3a6270e883dde9897b4467a055d /iptables | |
| parent | ead69273d16dae2da54e510f7ffb58fd880567d1 (diff) | |
xtables-restore: Extend failure error message
If a line causes zero 'ret' value and errno is set, call nft_strerror()
for a more detailed error message. While not perfect, it helps with
debugging ominous "line NN failed" messages pointing at COMMIT:
| # iptables-nft-restore <<EOF
| *filter
| -A nonexist
| COMMIT
| EOF
| iptables-nft-restore: line 3 failed: No chain/target/match by that name.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables')
| -rw-r--r-- | iptables/xtables-restore.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c index 1363f96a..052a80c2 100644 --- a/iptables/xtables-restore.c +++ b/iptables/xtables-restore.c @@ -249,8 +249,11 @@ static void xtables_restore_parse_line(struct nft_handle *h, (strcmp(p->tablename, state->curtable->name) != 0)) return; if (!ret) { - fprintf(stderr, "%s: line %u failed\n", + fprintf(stderr, "%s: line %u failed", xt_params->program_name, line); + if (errno) + fprintf(stderr, ": %s.", nft_strerror(errno)); + fprintf(stderr, "\n"); exit(1); } } |