From 79982776b088b66d4e84abb13015afd9e012fa53 Mon Sep 17 00:00:00 2001
From: "/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net"
Date: Tue, 17 Jul 2007 17:02:04 +0000
Subject: [PATCH] iptables-xml
Attached are:
1. A man page for iptables-xml
2. A fix for iptables.xslt allowing for an arbitrary depth of arguments
or modifiers.
Although iptables-xml cannot generate more than two levels deep, xml
generated by other systems may prefer to generate
0xff00
than
0xff00
(which is what iptables-xml generates)
even though the same iptables is re-generated on conversion.
3. A fix for iptables-xml.c so that combining of consecutive targets of
rules with the same match into one XML rule, will not combine over a
terminating action; i.e. there is no point in converting
-A table -p tcp -j DROP
-A table -p tcp -j MARK --set-mark 25
-A table -p tcp -j RETURN
into one XML rule with multiple actions as they are probably not
logically combined in the mind of the author.
Signed-off by: Sam Liddicott
---
iptables.xslt | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
(limited to 'iptables.xslt')
diff --git a/iptables.xslt b/iptables.xslt
index 4cf8419..07cec19 100644
--- a/iptables.xslt
+++ b/iptables.xslt
@@ -44,7 +44,7 @@
-
+
!
-
@@ -52,7 +52,8 @@
-
-
+
+
--
cgit v1.2.3