Description of Problem:
iptables-save is unable to correctly save iptables rules that contain an
interface description that includes the '+' character. iptables itself
considers the interface description "eth+" to match "eth0", "eth1", "eth2",
etc., however, when iptables-save stores such a rule it merely inserts "-i
eth" which causes the rule to match no interfaces. There is no error
output, so user assumes everything worked and on the next reboot stands a
very good chance of not being able to access the machine remotely.

Version-Release number of selected component (if applicable):
iptables-1.2.1a-1

How Reproducible:
The clearest demonstration I can think of would be to clear out clear out
all of the rules, set the default policy for the input chain to be DENY and
add the rule:

iptables -A INPUT -i eth+ -j ACCEPT

then do an iptables-save followed by an iptables-restore and try to connect
from a remote machine, it won't work. If you examine
/etc/sysconfig/iptables you will see for that rule that the line will read:

[0:0] -A INPUT -i eth -j ACCEPT

(or something similar). iptables-restore restores this rule faithfully and
tells iptables to match an interface named "eth", which of course doesn't
exist, so all packets will be ignored by this rule.