]> git.ipfire.org Git - thirdparty/iptables.git/commitdiff
projects / thirdparty / iptables.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ead6927)
xtables-restore: Extend failure error message
authorPhil Sutter <phil@nwl.cc>
Thu, 25 Aug 2022 09:53:04 +0000 (11:53 +0200)
committerPhil Sutter <phil@nwl.cc>
Fri, 26 Aug 2022 13:19:07 +0000 (15:19 +0200)
If a line causes zero 'ret' value and errno is set, call nft_strerror()
for a more detailed error message. While not perfect, it helps with
debugging ominous "line NN failed" messages pointing at COMMIT:

| # iptables-nft-restore <<EOF
| *filter
| -A nonexist
| COMMIT
| EOF
| iptables-nft-restore: line 3 failed: No chain/target/match by that name.

Signed-off-by: Phil Sutter <phil@nwl.cc>
iptables/xtables-restore.c patch | blob | blame | history

diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c
index 1363f96ae0eb9febe779d06cb912f67501c8d527..052a80c2b958616bcf299efec38614affa0f5163 100644 (file)
--- a/iptables/xtables-restore.c
+++ b/iptables/xtables-restore.c
@@ -249,8 +249,11 @@ static void xtables_restore_parse_line(struct nft_handle *h,
            (strcmp(p->tablename, state->curtable->name) != 0))
                return;
        if (!ret) {
-               fprintf(stderr, "%s: line %u failed\n",
+               fprintf(stderr, "%s: line %u failed",
                                xt_params->program_name, line);
+               if (errno)
+                       fprintf(stderr, ": %s.", nft_strerror(errno));
+               fprintf(stderr, "\n");
                exit(1);
        }
 }
Mirror of git://git.netfilter.org/iptables