xtables-restore: support test option `-t'

You can now test if a rule-set is correct. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2013-01-20 23:23:29 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2013-12-30 23:50:24 +0100
commit: 18af813cabf7b574dec86beedf0a335e5928eaaa (patch)
tree: eb16cfa2f203554b0aeeefc3d12aa8251c96a313 /iptables/xtables-restore.c
parent: 2a87a024e1f77407e332086a4fa664e048280195 (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c
index ca9e0c05..c62b0a9a 100644
--- a/iptables/xtables-restore.c
+++ b/iptables/xtables-restore.c
@@ -266,14 +266,20 @@ xtables_restore_main(int argc, char *argv[])
 				DEBUGP("Calling commit\n");
 				ret = 1;
 			} else {
-				/* FIXME -t needs to be fixed */
+				if (nft_abort(&h)) {
+					xtables_error(OTHER_PROBLEM,
+						      "Failed to abort "
+						      "commit in table %s\n",
+						      curtable);
+				}
 				DEBUGP("Not calling commit, testing\n");
 				ret = 1;
 			}
 			in_table = 0;
 
 			/* Purge out unused chains in this table */
-			nft_table_purge_chains(&h, curtable, chain_list);
+			if (!testing)
+				nft_table_purge_chains(&h, curtable, chain_list);
 
 		} else if ((buffer[0] == '*') && (!in_table)) {
 			/* New table */
author	Pablo Neira Ayuso <pablo@netfilter.org>	2013-01-20 23:23:29 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2013-12-30 23:50:24 +0100
commit	18af813cabf7b574dec86beedf0a335e5928eaaa (patch)
tree	eb16cfa2f203554b0aeeefc3d12aa8251c96a313 /iptables/xtables-restore.c
parent	2a87a024e1f77407e332086a4fa664e048280195 (diff)