#include <time.h>
#include <netdb.h>
#include <arpa/inet.h>
+#include <unistd.h>
#include "libiptc/libip6tc.h"
#include "ip6tables.h"
#include "ip6tables-multi.h"
{.name = "dump", .has_arg = false, .val = 'd'},
{.name = "table", .has_arg = true, .val = 't'},
{.name = "modprobe", .has_arg = true, .val = 'M'},
+ {.name = "file", .has_arg = true, .val = 'f'},
{NULL},
};
int ip6tables_save_main(int argc, char *argv[])
{
const char *tablename = NULL;
- int c;
+ FILE *file = NULL;
+ int ret, c;
ip6tables_globals.program_name = "ip6tables-save";
c = xtables_init_all(&ip6tables_globals, NFPROTO_IPV6);
init_extensions6();
#endif
- while ((c = getopt_long(argc, argv, "bcdt:M:", options, NULL)) != -1) {
+ while ((c = getopt_long(argc, argv, "bcdt:M:f:", options, NULL)) != -1) {
switch (c) {
case 'b':
fprintf(stderr, "-b/--binary option is not implemented\n");
case 'M':
xtables_modprobe_program = optarg;
break;
+ case 'f':
+ file = fopen(optarg, "w");
+ if (file == NULL) {
+ fprintf(stderr, "Failed to open file, error: %s\n",
+ strerror(errno));
+ exit(1);
+ }
+ ret = dup2(fileno(file), STDOUT_FILENO);
+ if (ret == -1) {
+ fprintf(stderr, "Failed to redirect stdout, error: %s\n",
+ strerror(errno));
+ exit(1);
+ }
+ fclose(file);
+ break;
case 'd':
do_output(tablename);
exit(0);
.\"
.\"
.SH NAME
-iptables-save \(em dump iptables rules to stdout
+iptables-save \(em dump iptables rules
.P
-ip6tables-save \(em dump iptables rules to stdout
+ip6tables-save \(em dump iptables rules
.SH SYNOPSIS
\fBiptables\-save\fP [\fB\-M\fP \fImodprobe\fP] [\fB\-c\fP]
-[\fB\-t\fP \fItable\fP]
+[\fB\-t\fP \fItable\fP] [\fB\-f\fP \fIfilename\fP]
.P
\fBip6tables\-save\fP [\fB\-M\fP \fImodprobe\fP] [\fB\-c\fP]
-[\fB\-t\fP \fItable\fP]
+[\fB\-t\fP \fItable\fP] [\fB\-f\fP \fIfilename\fP]
.SH DESCRIPTION
.PP
.B iptables-save
and
.B ip6tables-save
are used to dump the contents of IP or IPv6 Table in easily parseable format
-to STDOUT. Use I/O-redirection provided by your shell to write to a file.
+either to STDOUT or to a specified file.
.TP
\fB\-M\fR, \fB\-\-modprobe\fR \fImodprobe_program\fP
Specify the path to the modprobe program. By default, iptables-save will
inspect /proc/sys/kernel/modprobe to determine the executable's path.
.TP
+\fB\-f\fR, \fB\-\-file\fR \fIfilename\fP
+Specify a filename to log the output to. If not specified, iptables-save
+will log to STDOUT.
+.TP
\fB\-c\fR, \fB\-\-counters\fR
include the current values of all packet and byte counters in the output
.TP
#include <string.h>
#include <time.h>
#include <netdb.h>
+#include <unistd.h>
#include "libiptc/libiptc.h"
#include "iptables.h"
#include "iptables-multi.h"
{.name = "dump", .has_arg = false, .val = 'd'},
{.name = "table", .has_arg = true, .val = 't'},
{.name = "modprobe", .has_arg = true, .val = 'M'},
+ {.name = "file", .has_arg = true, .val = 'f'},
{NULL},
};
iptables_save_main(int argc, char *argv[])
{
const char *tablename = NULL;
- int c;
+ FILE *file = NULL;
+ int ret, c;
iptables_globals.program_name = "iptables-save";
c = xtables_init_all(&iptables_globals, NFPROTO_IPV4);
init_extensions4();
#endif
- while ((c = getopt_long(argc, argv, "bcdt:M:", options, NULL)) != -1) {
+ while ((c = getopt_long(argc, argv, "bcdt:M:f:", options, NULL)) != -1) {
switch (c) {
case 'b':
fprintf(stderr, "-b/--binary option is not implemented\n");
case 'M':
xtables_modprobe_program = optarg;
break;
+ case 'f':
+ file = fopen(optarg, "w");
+ if (file == NULL) {
+ fprintf(stderr, "Failed to open file, error: %s\n",
+ strerror(errno));
+ exit(1);
+ }
+ ret = dup2(fileno(file), STDOUT_FILENO);
+ if (ret == -1) {
+ fprintf(stderr, "Failed to redirect stdout, error: %s\n",
+ strerror(errno));
+ exit(1);
+ }
+ fclose(file);
+ break;
case 'd':
do_output(tablename);
exit(0);
#include <string.h>
#include <time.h>
#include <netdb.h>
+#include <unistd.h>
#include "libiptc/libiptc.h"
#include "iptables.h"
#include "xtables-multi.h"
{.name = "dump", .has_arg = false, .val = 'd'},
{.name = "table", .has_arg = true, .val = 't'},
{.name = "modprobe", .has_arg = true, .val = 'M'},
+ {.name = "file", .has_arg = true, .val = 'f'},
{.name = "ipv4", .has_arg = false, .val = '4'},
{.name = "ipv6", .has_arg = false, .val = '6'},
{NULL},
struct nft_handle h = {
.family = family,
};
- int c;
+ FILE *file = NULL;
+ int ret, c;
xtables_globals.program_name = progname;
c = xtables_init_all(&xtables_globals, family);
exit(EXIT_FAILURE);
}
- while ((c = getopt_long(argc, argv, "bcdt:M:46", options, NULL)) != -1) {
+ while ((c = getopt_long(argc, argv, "bcdt:M:f:46", options, NULL)) != -1) {
switch (c) {
case 'b':
fprintf(stderr, "-b/--binary option is not implemented\n");
case 'M':
xtables_modprobe_program = optarg;
break;
+ case 'f':
+ file = fopen(optarg, "w");
+ if (file == NULL) {
+ fprintf(stderr, "Failed to open file, error: %s\n",
+ strerror(errno));
+ exit(1);
+ }
+ ret = dup2(fileno(file), STDOUT_FILENO);
+ if (ret == -1) {
+ fprintf(stderr, "Failed to redirect stdout, error: %s\n",
+ strerror(errno));
+ exit(1);
+ }
+ fclose(file);
+ break;
case 'd':
dump = true;
break;
projects / thirdparty / iptables.git / commitdiff
