Bug 983198
| Summary: | iptables-save man page completely wrong - which conflicting arguments should work? | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Paul Wouters <pwouters> | |
| Component: | iptables | Assignee: | Thomas Woerner <twoerner> | |
| Status: | CLOSED ERRATA | QA Contact: | Ales Zelinka <azelinka> | |
| Severity: | low | Docs Contact: | ||
| Priority: | unspecified | |||
| Version: | 6.4 | CC: | azelinka, iptables-maint-list | |
| Target Milestone: | rc | |||
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | Doc Type: | Bug Fix | ||
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 983200 1054871 (view as bug list) | Environment: | ||
| Last Closed: | 2013-11-21 23:34:48 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 983200 | |||
note that "iptables-save --help" or iptables-save -h" should also be fixed. This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux release for currently deployed products. This request is not yet committed for inclusion in a release. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1710.html |
Description of problem: I was trying to prevent iptables-save from loading kernel modules. I looked at "man iptables-save" which said: SYNOPSIS iptables-save [-M modprobe] [-c] [-t table] -M modprobe_program Specify the path to the modprobe program. By default, iptables-save will inspect /proc/sys/kernel/modprobe to determine the executable’s path. However: # iptables-save -M /dev/null iptables-save: invalid option -- 'M' Unknown arguments found on commandline while iptables-save --help or -h does not work, the binary does seem to show there must me a magic incantation for it, because strings on the binary shows: Usage: %s [-b] [-c] [-v] [-t] [-h] [ --binary ] [ --counters ] [ --verbose ] [ --test ] [ --help ] [ --noflush ] [ --table=<TABLE> ] [ --modprobe=<command>] Version-Release number of selected component (if applicable): iptables-1.4.7-9.el6.x86_64 And indeed, --modprobe= seems to work as expected. So there is a problem between the documented arguments and the actual arguments, possible induced by /sbin/iptables-save being an "/etc/alternative" link to /sbin/iptables-save-1.4.7 I'm not sure if the bug should be "fix the man page" or "fix the binary/link". but if people were used to -M and now need --modprobe, perhaps iptables-save should allow for both now.