Bug 970509 - firewall-cmd, what is <table>
firewall-cmd, what is <table>
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: firewalld (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Thomas Woerner
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-06-04 04:12 EDT by Petr Sklenar
Modified: 2013-08-03 20:08 EDT (History)
2 users (show)

See Also:
Fixed In Version: firewalld-0.3.4-1.fc19
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-08-03 20:08:38 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Petr Sklenar 2013-06-04 04:12:51 EDT
Description of problem:
man says:
firewall-cmd --direct --get-chains { ipv4 | ipv6 | eb } <table>

Version-Release number of selected component (if applicable):
firewalld-0.3.2-1.fc19.noarch

How reproducible:
deterministic

Steps to Reproduce:
1. look at man and list some chain
2. <table> is not described what's that

Actual results:
firewall-cmd  --get-chains ipv4 raw
# no output
firewall-cmd  --get-chains ipv4 filter
# no output, is that wrong table or zero chain?

Expected results:
there is mentioned what is <table>
if there is no output, it should indicate that list is empty

Additional info:
are tables in list of `cat /proc/net/ip_tables_names` ? 
why there is no output?
Comment 1 Jiri Popelka 2013-06-07 12:09:49 EDT
(In reply to Petr Sklenar from comment #0)
> Expected results:
> there is mentioned what is <table>

yes, we should improve the man page to say that for
<table>, <chain> and <args> one should consult iptables(8) first.

> if there is no output, it should indicate that list is empty

I think the typical use case is to forward the output to variable and then check whether it's (non)empty.

> Additional info:
> are tables in list of `cat /proc/net/ip_tables_names` ? 

yes (but see below)

> why there is no output?

because --query-[chain/rule] and --get-[chains/rules] take into consideration only chains/rules previously added with 'firewall-cmd --direct'.
I'm not sure whether that's by design or bug but I guess the former one. Thomas ???
It should be definitely noted in man page too.

I've improved the firewall-cmd man page, let me know what do you think
https://git.fedorahosted.org/cgit/firewalld.git/commit/?id=4532f569ac502fa910ddf109a729a827940486f0
Comment 2 Fedora Update System 2013-07-30 15:12:53 EDT
firewalld-0.3.4-1.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/firewalld-0.3.4-1.fc19
Comment 3 Fedora Update System 2013-08-01 23:48:06 EDT
Package firewalld-0.3.4-1.fc19:
* should fix your issue,
* was pushed to the Fedora 19 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing firewalld-0.3.4-1.fc19'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-14046/firewalld-0.3.4-1.fc19
then log in and leave karma (feedback).
Comment 4 Fedora Update System 2013-08-03 20:08:38 EDT
firewalld-0.3.4-1.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.