From 17ed253f9dd401d7b83b81f5db93411bee592a40 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Fri, 28 Jan 2022 15:32:10 +0100
Subject: iptables-restore: Support for extra debug output

Treat --verbose just like iptables itself, increasing debug level with
number of invocations.

To propagate the level into do_command() callback, insert virtual '-v'
flags into rule lines.

The only downside of this is that simple verbose output is changed and
now also prints the rules as they are added - which would be useful if
the lines contained the chain they apply to.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 iptables/iptables-restore.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'iptables/iptables-restore.c')

diff --git a/iptables/iptables-restore.c b/iptables/iptables-restore.c
index a3efb067..3c0a2389 100644
--- a/iptables/iptables-restore.c
+++ b/iptables/iptables-restore.c
@@ -114,7 +114,7 @@ ip46tables_restore_main(const struct iptables_restore_cb *cb,
 				counters = 1;
 				break;
 			case 'v':
-				verbose = 1;
+				verbose++;
 				break;
 			case 'V':
 				printf("%s v%s\n",
@@ -317,11 +317,15 @@ ip46tables_restore_main(const struct iptables_restore_cb *cb,
 			char *pcnt = NULL;
 			char *bcnt = NULL;
 			char *parsestart = buffer;
+			int i;
 
 			add_argv(&av_store, argv[0], 0);
 			add_argv(&av_store, "-t", 0);
 			add_argv(&av_store, curtable, 0);
 
+			for (i = 0; !noflush && i < verbose; i++)
+				add_argv(&av_store, "-v", 0);
+
 			tokenize_rule_counters(&parsestart, &pcnt, &bcnt, line);
 			if (counters && pcnt && bcnt) {
 				add_argv(&av_store, "--set-counters", 0);
-- 
cgit v1.2.3