ip6tables-save
dump iptables rules to stdout
see also :
ip6tables-restore - ip6tables
Synopsis
ip6tables-save
[-M modprobe] [-c]
[-t table
add an example, a script, a trick and tips
examples
source
if ! sudo ip6tables-save | grep
-q '^-A'; then
echo CRITICAL: no IPv6 firewall rules
exit 2
fi
fi
source
log_warning_msg "Output for
ip6tables-save (IPv6 firewall)"
ip6tables-save
exit 0
;;
*)
log_success_msg "Usage: $0
start|stop|reload|status"
source
ip6tables-save | egrep -v '^(#|:)' >> $TESTTMP/save.1
do_cmd "0" nostats disable
ip6tables-save | egrep -v '^(#|:)' >> $TESTTMP/save.2
diff $TESTTMP/save.1 $TESTTMP/save.2 ||
{
source
log_action_cont_msg " IPv6"
ip6tables-save > /etc/iptables/rules.v6
if [ $? -ne 0 ]; then
rc=1
fi
fi
log_action_end_msg $rc
source
ip6tables-save >/etc/iptables/ipv6_rules
fi
fi
# stop fail2ban before flushing iptables
chains
source
log_action_cont_msg " IPv6"
ip6tables-save > /etc/iptables/rules.v6
if [ $? -ne 0 ]; then
rc=1
fi
fi
log_action_end_msg $rc
description
ip6tables-save
is used to dump the contents of an IPv6 Table in easily
parseable format to STDOUT. Use I/O-redirection provided by
your shell to write to a file.
-M modprobe_program
Specify the path to the
modprobe program. By default, iptables-save will inspect
/proc/sys/kernel/modprobe to determine the
executable’s path.
-c,
--counters
include the current values of
all packet and byte counters in the output
-t,
--table tablename
restrict output to only one
table. If not specified, output includes all available
tables.
bugs
None known as
of iptables-1.2.1 release
see also
ip6tables -restore"> ip6tables-restore ,
ip6tables
The
iptables-HOWTO, which details more iptables usage, the
NAT-HOWTO, which details NAT, and the
netfilter-hacking-HOWTO which details the internals.
authors
Harald Welte
<laforge[:at:]gnumonks[:dot:]org>
Andras Kis-Szabo <kisza[:at:]sch.bme[:dot:]hu>