* [PATCH 1/5] build: remove dead code parts
2011-05-30 10:18 iptables fixes for 2011-05-30 Jan Engelhardt
@ 2011-05-30 10:18 ` Jan Engelhardt
2011-05-30 10:18 ` [PATCH 2/5] build: fix installation of symlinks Jan Engelhardt
` (3 subsequent siblings)
4 siblings, 0 replies; 10+ messages in thread
From: Jan Engelhardt @ 2011-05-30 10:18 UTC (permalink / raw)
To: kaber; +Cc: netfilter-devel
gcc-4.6 has a new warning, -Wunused-but-set-variable, which flags
no-op code.
CC libiptc/libip4tc.lo
In file included from libiptc/libip4tc.c:118:0:
libiptc/libiptc.c: In function "iptcc_chain_index_delete_chain":
libiptc/libiptc.c:611:32: warning: variable "index_ptr2" set but not used
libiptc/libiptc.c: In function "alloc_handle":
libiptc/libiptc.c:1282:9: warning: variable "len" set but not used
CC libiptc/libip6tc.lo
In file included from libiptc/libip6tc.c:113:0:
libiptc/libiptc.c: In function "iptcc_chain_index_delete_chain":
libiptc/libiptc.c:611:32: warning: variable "index_ptr2" set but not used
libiptc/libiptc.c: In function "alloc_handle":
libiptc/libiptc.c:1282:9: warning: variable "len" set but not used
CC xtables_multi-iptables-xml.o
iptables-xml.c: In function "do_rule_part":
iptables-xml.c:376:8: warning: variable "thisChain" set but not used
CC xtables_multi-ip6tables.o
ip6tables.c: In function "print_firewall":
ip6tables.c:552:10: warning: variable "flags" set but not used
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
ip6tables.c | 2 --
iptables-xml.c | 3 ---
libiptc/libiptc.c | 7 ++-----
3 files changed, 2 insertions(+), 10 deletions(-)
diff --git a/ip6tables.c b/ip6tables.c
index a74238c..4df73b8 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -549,7 +549,6 @@ print_firewall(const struct ip6t_entry *fw,
{
const struct xtables_target *target = NULL;
const struct ip6t_entry_target *t;
- uint8_t flags;
char buf[BUFSIZ];
if (!ip6tc_is_chain(targname, handle))
@@ -559,7 +558,6 @@ print_firewall(const struct ip6t_entry *fw,
XTF_LOAD_MUST_SUCCEED);
t = ip6t_get_target((struct ip6t_entry *)fw);
- flags = fw->ipv6.flags;
if (format & FMT_LINENUMBERS)
printf(FMT("%-4u ", "%u "), num);
diff --git a/iptables-xml.c b/iptables-xml.c
index dc3cd4f..aa98f75 100644
--- a/iptables-xml.c
+++ b/iptables-xml.c
@@ -373,7 +373,6 @@ do_rule_part(char *leveltag1, char *leveltag2, int part, int argc,
{
int arg = 1; // ignore leading -A
char invert_next = 0;
- char *thisChain = NULL;
char *spacer = ""; // space when needed to assemble arguments
char *level1 = NULL;
char *level2 = NULL;
@@ -397,8 +396,6 @@ do_rule_part(char *leveltag1, char *leveltag2, int part, int argc,
} else printf("%s<%s ", (leveli ## LEVEL), (level ## LEVEL)); \
} while(0)
- thisChain = argv[arg++];
-
if (part == 1) { /* skip */
/* use argvattr to tell which arguments were quoted
to avoid comparing quoted arguments, like comments, to -j, */
diff --git a/libiptc/libiptc.c b/libiptc/libiptc.c
index d3b1c51..0b6d5e3 100644
--- a/libiptc/libiptc.c
+++ b/libiptc/libiptc.c
@@ -608,7 +608,7 @@ static int iptcc_chain_index_rebuild(struct xtc_handle *h)
*/
static int iptcc_chain_index_delete_chain(struct chain_head *c, struct xtc_handle *h)
{
- struct list_head *index_ptr, *index_ptr2, *next;
+ struct list_head *index_ptr, *next;
struct chain_head *c2;
unsigned int idx, idx2;
@@ -628,7 +628,7 @@ static int iptcc_chain_index_delete_chain(struct chain_head *c, struct xtc_handl
* is located in the same index bucket.
*/
c2 = list_entry(next, struct chain_head, list);
- index_ptr2 = iptcc_bsearch_chain_index(c2->name, &idx2, h);
+ iptcc_bsearch_chain_index(c2->name, &idx2, h);
if (idx != idx2) {
/* Rebuild needed */
return iptcc_chain_index_rebuild(h);
@@ -1279,11 +1279,8 @@ static int iptcc_compile_table(struct xtc_handle *h, STRUCT_REPLACE *repl)
static struct xtc_handle *
alloc_handle(const char *tablename, unsigned int size, unsigned int num_rules)
{
- size_t len;
struct xtc_handle *h;
- len = sizeof(STRUCT_TC_HANDLE) + size;
-
h = malloc(sizeof(STRUCT_TC_HANDLE));
if (!h) {
errno = ENOMEM;
--
1.7.3.4
^ permalink raw reply related [flat|nested] 10+ messages in thread* [PATCH 2/5] build: fix installation of symlinks
2011-05-30 10:18 iptables fixes for 2011-05-30 Jan Engelhardt
2011-05-30 10:18 ` [PATCH 1/5] build: remove dead code parts Jan Engelhardt
@ 2011-05-30 10:18 ` Jan Engelhardt
2011-05-30 11:50 ` Maciej Żenczykowski
2011-05-30 10:18 ` [PATCH 3/5] build: fix absence of xml translator in IPv6-only builds Jan Engelhardt
` (2 subsequent siblings)
4 siblings, 1 reply; 10+ messages in thread
From: Jan Engelhardt @ 2011-05-30 10:18 UTC (permalink / raw)
To: kaber; +Cc: netfilter-devel
Commit v1.4.11~20 forgot to change the symlink target names to the new
executable name.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
Makefile.am | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 13e144e..741729b 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -96,6 +96,6 @@ config.status: extensions/GNUmakefile.in \
install-exec-hook:
-if test -z "${DESTDIR}"; then /sbin/ldconfig; fi;
${INSTALL} -dm0755 "${DESTDIR}${bindir}";
- for i in ${v4_bin_links}; do ${LN_S} -f "${sbindir}/iptables-multi" "${DESTDIR}${bindir}/$$i"; done;
- for i in ${v4_sbin_links}; do ${LN_S} -f iptables-multi "${DESTDIR}${sbindir}/$$i"; done;
- for i in ${v6_sbin_links}; do ${LN_S} -f ip6tables-multi "${DESTDIR}${sbindir}/$$i"; done;
+ for i in ${v4_bin_links}; do ${LN_S} -f "${sbindir}/xtables-multi" "${DESTDIR}${bindir}/$$i"; done;
+ for i in ${v4_sbin_links}; do ${LN_S} -f xtables-multi "${DESTDIR}${sbindir}/$$i"; done;
+ for i in ${v6_sbin_links}; do ${LN_S} -f xtables-multi "${DESTDIR}${sbindir}/$$i"; done;
--
1.7.3.4
^ permalink raw reply related [flat|nested] 10+ messages in thread* [PATCH 3/5] build: fix absence of xml translator in IPv6-only builds
2011-05-30 10:18 iptables fixes for 2011-05-30 Jan Engelhardt
2011-05-30 10:18 ` [PATCH 1/5] build: remove dead code parts Jan Engelhardt
2011-05-30 10:18 ` [PATCH 2/5] build: fix installation of symlinks Jan Engelhardt
@ 2011-05-30 10:18 ` Jan Engelhardt
[not found] ` <BANLkTik2r-SqtUMVBRcKFngPTzgMUJruzg@mail.gmail.com>
2011-05-30 10:18 ` [PATCH 4/5] doc: update GPL license text Jan Engelhardt
2011-05-30 10:18 ` [PATCH 5/5] doc: iptables-xml should be in manpage section 1 Jan Engelhardt
4 siblings, 1 reply; 10+ messages in thread
From: Jan Engelhardt @ 2011-05-30 10:18 UTC (permalink / raw)
To: kaber; +Cc: netfilter-devel
Due to iptables-xml being listed under IPV4 only, its symlink was not
created on `./configure --disable-ipv4 && make install`.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
Makefile.am | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 741729b..cc2b83b 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -65,8 +65,8 @@ man_MANS = iptables.8 iptables-restore.8 iptables-save.8 \
ip6tables-save.8
CLEANFILES = iptables.8 ip6tables.8
+vx_bin_links = iptables-xml
if ENABLE_IPV4
-v4_bin_links = iptables-xml
v4_sbin_links = iptables iptables-restore iptables-save
endif
if ENABLE_IPV6
@@ -96,6 +96,6 @@ config.status: extensions/GNUmakefile.in \
install-exec-hook:
-if test -z "${DESTDIR}"; then /sbin/ldconfig; fi;
${INSTALL} -dm0755 "${DESTDIR}${bindir}";
- for i in ${v4_bin_links}; do ${LN_S} -f "${sbindir}/xtables-multi" "${DESTDIR}${bindir}/$$i"; done;
+ for i in ${vx_bin_links}; do ${LN_S} -f "${sbindir}/xtables-multi" "${DESTDIR}${bindir}/$$i"; done;
for i in ${v4_sbin_links}; do ${LN_S} -f xtables-multi "${DESTDIR}${sbindir}/$$i"; done;
for i in ${v6_sbin_links}; do ${LN_S} -f xtables-multi "${DESTDIR}${sbindir}/$$i"; done;
--
1.7.3.4
^ permalink raw reply related [flat|nested] 10+ messages in thread* [PATCH 4/5] doc: update GPL license text
2011-05-30 10:18 iptables fixes for 2011-05-30 Jan Engelhardt
` (2 preceding siblings ...)
2011-05-30 10:18 ` [PATCH 3/5] build: fix absence of xml translator in IPv6-only builds Jan Engelhardt
@ 2011-05-30 10:18 ` Jan Engelhardt
2011-05-30 10:18 ` [PATCH 5/5] doc: iptables-xml should be in manpage section 1 Jan Engelhardt
4 siblings, 0 replies; 10+ messages in thread
From: Jan Engelhardt @ 2011-05-30 10:18 UTC (permalink / raw)
To: kaber; +Cc: netfilter-devel
The Open Build Service/rpmlint flagged the outdated address in the
license text :-)
iptables.x86_64: W: incorrect-fsf-address
/usr/share/doc/packages/iptables/COPYING
The Free Software Foundation address in this file seems to be outdated
or misspelled. Ask upstream to update the address, or if this is a
license file, possibly the entire file with a new copy available from
the FSF.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
COPYING | 42 +++++++++++++++++++++---------------------
1 files changed, 21 insertions(+), 21 deletions(-)
diff --git a/COPYING b/COPYING
index a43ea21..d159169 100644
--- a/COPYING
+++ b/COPYING
@@ -1,12 +1,12 @@
- GNU GENERAL PUBLIC LICENSE
- Version 2, June 1991
+ GNU GENERAL PUBLIC LICENSE
+ Version 2, June 1991
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.
- 675 Mass Ave, Cambridge, MA 02139, USA
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
- Preamble
+ Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
@@ -15,7 +15,7 @@ software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
-the GNU Library General Public License instead.) You can apply it to
+the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
@@ -55,8 +55,8 @@ patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
-\f
- GNU GENERAL PUBLIC LICENSE
+
+ GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
@@ -110,7 +110,7 @@ above, provided that you also meet all of these conditions:
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
-\f
+
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
@@ -168,7 +168,7 @@ access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
-\f
+
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
@@ -225,7 +225,7 @@ impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
-\f
+
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
@@ -255,7 +255,7 @@ make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
- NO WARRANTY
+ NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
@@ -277,9 +277,9 @@ YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
- END OF TERMS AND CONDITIONS
-\f
- Appendix: How to Apply These Terms to Your New Programs
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
@@ -291,7 +291,7 @@ convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
- Copyright (C) 19yy <name of author>
+ Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -303,16 +303,16 @@ the "copyright" line and a pointer to where the full notice is found.
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
- Gnomovision version 69, Copyright (C) 19yy name of author
+ Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
@@ -335,5 +335,5 @@ necessary. Here is a sample; alter the names:
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
-library. If this is what you want to do, use the GNU Library General
+library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.
--
1.7.3.4
^ permalink raw reply related [flat|nested] 10+ messages in thread* [PATCH 5/5] doc: iptables-xml should be in manpage section 1
2011-05-30 10:18 iptables fixes for 2011-05-30 Jan Engelhardt
` (3 preceding siblings ...)
2011-05-30 10:18 ` [PATCH 4/5] doc: update GPL license text Jan Engelhardt
@ 2011-05-30 10:18 ` Jan Engelhardt
4 siblings, 0 replies; 10+ messages in thread
From: Jan Engelhardt @ 2011-05-30 10:18 UTC (permalink / raw)
To: kaber; +Cc: netfilter-devel
References: http://bugs.debian.org/623112
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
Makefile.am | 2 +-
iptables-xml.1 | 87 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
iptables-xml.8 | 87 --------------------------------------------------------
3 files changed, 88 insertions(+), 88 deletions(-)
create mode 100644 iptables-xml.1
delete mode 100644 iptables-xml.8
diff --git a/Makefile.am b/Makefile.am
index cc2b83b..ae7923f 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -61,7 +61,7 @@ xtables_multi_LDADD += libxtables.la -lm
sbin_PROGRAMS = xtables-multi
man_MANS = iptables.8 iptables-restore.8 iptables-save.8 \
- iptables-xml.8 ip6tables.8 ip6tables-restore.8 \
+ iptables-xml.1 ip6tables.8 ip6tables-restore.8 \
ip6tables-save.8
CLEANFILES = iptables.8 ip6tables.8
diff --git a/iptables-xml.1 b/iptables-xml.1
new file mode 100644
index 0000000..048c2cb
--- /dev/null
+++ b/iptables-xml.1
@@ -0,0 +1,87 @@
+.TH IPTABLES-XML 8 "Jul 16, 2007" "" ""
+.\"
+.\" Man page written by Sam Liddicott <azez@ufomechanic.net>
+.\" It is based on the iptables-save man page.
+.\"
+.\" This program is free software; you can redistribute it and/or modify
+.\" it under the terms of the GNU General Public License as published by
+.\" the Free Software Foundation; either version 2 of the License, or
+.\" (at your option) any later version.
+.\"
+.\" This program is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public License
+.\" along with this program; if not, write to the Free Software
+.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+.\"
+.\"
+.SH NAME
+iptables-xml \(em Convert iptables-save format to XML
+.SH SYNOPSIS
+\fBiptables\-xml\fP [\fB\-c\fP] [\fB\-v\fP]
+.SH DESCRIPTION
+.PP
+.B iptables-xml
+is used to convert the output of iptables-save into an easily manipulatable
+XML format to STDOUT. Use I/O-redirection provided by your shell to write to
+a file.
+.TP
+\fB\-c\fR, \fB\-\-combine\fR
+combine consecutive rules with the same matches but different targets. iptables
+does not currently support more than one target per match, so this simulates
+that by collecting the targets from consecutive iptables rules into one action
+tag, but only when the rule matches are identical. Terminating actions like
+RETURN, DROP, ACCEPT and QUEUE are not combined with subsequent targets.
+.TP
+\fB\-v\fR, \fB\-\-verbose\fR
+Output xml comments containing the iptables line from which the XML is derived
+
+.PP
+iptables-xml does a mechanistic conversion to a very expressive xml
+format; the only semantic considerations are for \-g and \-j targets in
+order to discriminate between <call> <goto> and <nane-of-target> as it
+helps xml processing scripts if they can tell the difference between a
+target like SNAT and another chain.
+
+Some sample output is:
+
+<iptables-rules>
+ <table name="mangle">
+ <chain name="PREROUTING" policy="ACCEPT" packet-count="63436"
+byte-count="7137573">
+ <rule>
+ <conditions>
+ <match>
+ <p>tcp</p>
+ </match>
+ <tcp>
+ <sport>8443</sport>
+ </tcp>
+ </conditions>
+ <actions>
+ <call>
+ <check_ip/>
+ </call>
+ <ACCEPT/>
+ </actions>
+ </rule>
+ </chain>
+ </table>
+</iptables-rules>
+
+.PP
+Conversion from XML to iptables-save format may be done using the
+iptables.xslt script and xsltproc, or a custom program using
+libxsltproc or similar; in this fashion:
+
+xsltproc iptables.xslt my-iptables.xml | iptables-restore
+
+.SH BUGS
+None known as of iptables-1.3.7 release
+.SH AUTHOR
+Sam Liddicott <azez@ufomechanic.net>
+.SH SEE ALSO
+\fBiptables\-save\fP(8), \fBiptables\-restore\fP(8), \fBiptables\fP(8)
diff --git a/iptables-xml.8 b/iptables-xml.8
deleted file mode 100644
index 048c2cb..0000000
--- a/iptables-xml.8
+++ /dev/null
@@ -1,87 +0,0 @@
-.TH IPTABLES-XML 8 "Jul 16, 2007" "" ""
-.\"
-.\" Man page written by Sam Liddicott <azez@ufomechanic.net>
-.\" It is based on the iptables-save man page.
-.\"
-.\" This program is free software; you can redistribute it and/or modify
-.\" it under the terms of the GNU General Public License as published by
-.\" the Free Software Foundation; either version 2 of the License, or
-.\" (at your option) any later version.
-.\"
-.\" This program is distributed in the hope that it will be useful,
-.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
-.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-.\" GNU General Public License for more details.
-.\"
-.\" You should have received a copy of the GNU General Public License
-.\" along with this program; if not, write to the Free Software
-.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-.\"
-.\"
-.SH NAME
-iptables-xml \(em Convert iptables-save format to XML
-.SH SYNOPSIS
-\fBiptables\-xml\fP [\fB\-c\fP] [\fB\-v\fP]
-.SH DESCRIPTION
-.PP
-.B iptables-xml
-is used to convert the output of iptables-save into an easily manipulatable
-XML format to STDOUT. Use I/O-redirection provided by your shell to write to
-a file.
-.TP
-\fB\-c\fR, \fB\-\-combine\fR
-combine consecutive rules with the same matches but different targets. iptables
-does not currently support more than one target per match, so this simulates
-that by collecting the targets from consecutive iptables rules into one action
-tag, but only when the rule matches are identical. Terminating actions like
-RETURN, DROP, ACCEPT and QUEUE are not combined with subsequent targets.
-.TP
-\fB\-v\fR, \fB\-\-verbose\fR
-Output xml comments containing the iptables line from which the XML is derived
-
-.PP
-iptables-xml does a mechanistic conversion to a very expressive xml
-format; the only semantic considerations are for \-g and \-j targets in
-order to discriminate between <call> <goto> and <nane-of-target> as it
-helps xml processing scripts if they can tell the difference between a
-target like SNAT and another chain.
-
-Some sample output is:
-
-<iptables-rules>
- <table name="mangle">
- <chain name="PREROUTING" policy="ACCEPT" packet-count="63436"
-byte-count="7137573">
- <rule>
- <conditions>
- <match>
- <p>tcp</p>
- </match>
- <tcp>
- <sport>8443</sport>
- </tcp>
- </conditions>
- <actions>
- <call>
- <check_ip/>
- </call>
- <ACCEPT/>
- </actions>
- </rule>
- </chain>
- </table>
-</iptables-rules>
-
-.PP
-Conversion from XML to iptables-save format may be done using the
-iptables.xslt script and xsltproc, or a custom program using
-libxsltproc or similar; in this fashion:
-
-xsltproc iptables.xslt my-iptables.xml | iptables-restore
-
-.SH BUGS
-None known as of iptables-1.3.7 release
-.SH AUTHOR
-Sam Liddicott <azez@ufomechanic.net>
-.SH SEE ALSO
-\fBiptables\-save\fP(8), \fBiptables\-restore\fP(8), \fBiptables\fP(8)
--
1.7.3.4
^ permalink raw reply related [flat|nested] 10+ messages in thread