rust-iptables icon indicating copy to clipboard operation
rust-iptables copied to clipboard

Published 20 hours ago verified publisher icon yaa110

Failing to list iptables rules (-S) when is_numeric = true (-n is an invalid argument with -S)

Open WatakiWatako opened this issue 2 years ago • 0 comments

Hey,

Since version 0.5.0, the "list" function returns an empty list. This appears to be because the "-n" argument is invalid when used with -S.

For example:

$ iptables -t filter -S INPUT -n
iptables v1.6.1: Illegal option `-n' with this command

Try `iptables -h' or 'iptables --help' for more information.

true => self.get_list(&["-t", table, "-S", chain, "-n"]), from the following code should not contain "-n" in the argument list. The save arguments do not appear to include hostnames in any case.

/// Lists rules in the table/chain.
    pub fn list(&self, table: &str, chain: &str) -> Result<Vec<String>, Box<dyn Error>> {
        match self.is_numeric {
            false => self.get_list(&["-t", table, "-S", chain]),
            true => self.get_list(&["-t", table, "-S", chain, "-n"]),
        }
    }

Suggested solution:

/// Lists rules in the table/chain.
    pub fn list(&self, table: &str, chain: &str) -> Result<Vec<String>, Box<dyn Error>> {
        self.get_list(&["-t", table, "-S", chain])
    }

The exists_old_version and list_table functions also appear to have the same issue.

Thank you for this excellent crate!

WatakiWatako avatar Feb 16 '22 16:02 WatakiWatako