| #!/bin/bash |
| |
| # Make sure iptables-restore simply ignores |
| # rules starting with -6 |
| |
| set -e |
| |
| # show rules, drop uninteresting policy settings |
| ipt_show() { |
| $XT_MULTI iptables -S | grep -v '^-P' |
| } |
| |
| # issue reproducer for iptables-restore |
| |
| $XT_MULTI iptables-restore <<EOF |
| *filter |
| -A FORWARD -m comment --comment any -j ACCEPT |
| -4 -A FORWARD -m comment --comment ipv4 -j ACCEPT |
| -6 -A FORWARD -m comment --comment ipv6 -j ACCEPT |
| COMMIT |
| EOF |
| |
| EXPECT='-A FORWARD -m comment --comment any -j ACCEPT |
| -A FORWARD -m comment --comment ipv4 -j ACCEPT' |
| |
| diff -u -Z <(echo -e "$EXPECT") <(ipt_show) |