1#!/bin/bash 2 3RET=0 4tmpfile="" 5 6clean_tmpfile() 7{ 8 if [ ! -z "$tmpfile" ];then 9 rm -f "$tmpfile" 10 fi 11} 12 13trap clean_tmpfile EXIT 14 15do_diff() 16{ 17 A="$1" 18 B="$2" 19 20 AT=$(mktemp) 21 grep -v "^#" "$A" > "$AT" 22 23 diff -u "$AT" "$B" 24 x=$? 25 rm -f "$AT" 26 27 return $x 28} 29 30tmpfile=$(mktemp) || exit 1 31do_simple() 32{ 33 iptables="$1" 34 dumpfile="$2" 35 opt="$3" 36 37 $XT_MULTI ${iptables}-restore $opt < "$dumpfile" 38 if [ $? -ne 0 ]; then 39 echo "$XT_MULTI ${iptables}-restore $opt $dumpfile failed" 1>&2 40 exit 1 41 fi 42 43 :> "$tmpfile" 44 45 for table in mangle raw filter; do 46 $XT_MULTI ${iptables}-save -t $table $opt | grep -v "^#" >> "$tmpfile" 47 done 48 49 do_diff $dumpfile "$tmpfile" 50 51 if [ $? -ne 0 ]; then 52 RET=1 53 fi 54} 55# fedora27-iptables dump contains chain counters to test counter restore/save 56do_simple "iptables" $(dirname "$0")/dumps/fedora27-iptables "-c" 57do_simple "ip6tables" $(dirname "$0")/dumps/fedora27-ip6tables 58 59exit $RET 60