xtables-restore: support test option `-t' You can now test if a rule-set is correct. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

commit: 18af813cabf7b574dec86beedf0a335e5928eaaa [log] [tgz]
author: Pablo Neira Ayuso <pablo@netfilter.org> Sun Jan 20 23:23:29 2013 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> Mon Dec 30 23:50:24 2013 +0100
tree: eb16cfa2f203554b0aeeefc3d12aa8251c96a313
parent: 2a87a024e1f77407e332086a4fa664e048280195 [diff]
diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c
index ca9e0c0..c62b0a9 100644
--- a/iptables/xtables-restore.c
+++ b/iptables/xtables-restore.c

@@ -266,14 +266,20 @@
 				DEBUGP("Calling commit\n");
 				ret = 1;
 			} else {
-				/* FIXME -t needs to be fixed */
+				if (nft_abort(&h)) {
+					xtables_error(OTHER_PROBLEM,
+						      "Failed to abort "
+						      "commit in table %s\n",
+						      curtable);
+				}
 				DEBUGP("Not calling commit, testing\n");
 				ret = 1;
 			}
 			in_table = 0;
 
 			/* Purge out unused chains in this table */
-			nft_table_purge_chains(&h, curtable, chain_list);
+			if (!testing)
+				nft_table_purge_chains(&h, curtable, chain_list);
 
 		} else if ((buffer[0] == '*') && (!in_table)) {
 			/* New table */
commit	18af813cabf7b574dec86beedf0a335e5928eaaa	[log] [tgz]
author	Pablo Neira Ayuso <pablo@netfilter.org>	Sun Jan 20 23:23:29 2013 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	Mon Dec 30 23:50:24 2013 +0100
tree	eb16cfa2f203554b0aeeefc3d12aa8251c96a313
parent	2a87a024e1f77407e332086a4fa664e048280195 [diff]