From 8d994bcf6be09cd0a13d6f22c6e01e98fb130415 Mon Sep 17 00:00:00 2001 From: Oliver Ford Date: Fri, 26 May 2017 12:25:16 +0000 Subject: iptables: Add file output option to iptables-save Adds an option to output the results of iptables-save, ip6tables-save, and xtables-save save to a file. Updates the man page with this new option. Uses the dup2 call to replace stdout with the specified file. Error output is unchanged. This is a feature requested by a Gentoo developer in Bugzilla #905. Signed-off-by: Oliver Ford Signed-off-by: Pablo Neira Ayuso --- iptables/iptables-save.8.in | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'iptables/iptables-save.8.in') diff --git a/iptables/iptables-save.8.in b/iptables/iptables-save.8.in index 7f99d8a3..51e11f3e 100644 --- a/iptables/iptables-save.8.in +++ b/iptables/iptables-save.8.in @@ -19,27 +19,31 @@ .\" .\" .SH NAME -iptables-save \(em dump iptables rules to stdout +iptables-save \(em dump iptables rules .P -ip6tables-save \(em dump iptables rules to stdout +ip6tables-save \(em dump iptables rules .SH SYNOPSIS \fBiptables\-save\fP [\fB\-M\fP \fImodprobe\fP] [\fB\-c\fP] -[\fB\-t\fP \fItable\fP] +[\fB\-t\fP \fItable\fP] [\fB\-f\fP \fIfilename\fP] .P \fBip6tables\-save\fP [\fB\-M\fP \fImodprobe\fP] [\fB\-c\fP] -[\fB\-t\fP \fItable\fP] +[\fB\-t\fP \fItable\fP] [\fB\-f\fP \fIfilename\fP] .SH DESCRIPTION .PP .B iptables-save and .B ip6tables-save are used to dump the contents of IP or IPv6 Table in easily parseable format -to STDOUT. Use I/O-redirection provided by your shell to write to a file. +either to STDOUT or to a specified file. .TP \fB\-M\fR, \fB\-\-modprobe\fR \fImodprobe_program\fP Specify the path to the modprobe program. By default, iptables-save will inspect /proc/sys/kernel/modprobe to determine the executable's path. .TP +\fB\-f\fR, \fB\-\-file\fR \fIfilename\fP +Specify a filename to log the output to. If not specified, iptables-save +will log to STDOUT. +.TP \fB\-c\fR, \fB\-\-counters\fR include the current values of all packet and byte counters in the output .TP -- cgit v1.2.3