diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-01-20 23:23:29 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-12-30 23:50:24 +0100 |
commit | 18af813cabf7b574dec86beedf0a335e5928eaaa (patch) | |
tree | eb16cfa2f203554b0aeeefc3d12aa8251c96a313 | |
parent | 2a87a024e1f77407e332086a4fa664e048280195 (diff) |
xtables-restore: support test option `-t'
You can now test if a rule-set is correct.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | iptables/xtables-restore.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c index ca9e0c05..c62b0a9a 100644 --- a/iptables/xtables-restore.c +++ b/iptables/xtables-restore.c @@ -266,14 +266,20 @@ xtables_restore_main(int argc, char *argv[]) DEBUGP("Calling commit\n"); ret = 1; } else { - /* FIXME -t needs to be fixed */ + if (nft_abort(&h)) { + xtables_error(OTHER_PROBLEM, + "Failed to abort " + "commit in table %s\n", + curtable); + } DEBUGP("Not calling commit, testing\n"); ret = 1; } in_table = 0; /* Purge out unused chains in this table */ - nft_table_purge_chains(&h, curtable, chain_list); + if (!testing) + nft_table_purge_chains(&h, curtable, chain_list); } else if ((buffer[0] == '*') && (!in_table)) { /* New table */ |