iptables-restore.8.in 3.58 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
.TH IPTABLES-RESTORE 8 "" "@PACKAGE_STRING@" "@PACKAGE_STRING@"
.\"
.\" Man page written by Harald Welte <laforge@gnumonks.org>
.\" It is based on the iptables man page.
.\"
.\"	This program is free software; you can redistribute it and/or modify
.\"	it under the terms of the GNU General Public License as published by
.\"	the Free Software Foundation; either version 2 of the License, or
.\"	(at your option) any later version.
.\"
.\"	This program is distributed in the hope that it will be useful,
.\"	but WITHOUT ANY WARRANTY; without even the implied warranty of
.\"	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
.\"	GNU General Public License for more details.
.\"
.\"	You should have received a copy of the GNU General Public License
.\"	along with this program; if not, write to the Free Software
.\"	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
.\"
.\"
.SH NAME
iptables-restore \(em Restore IP Tables
.P
ip6tables-restore \(em Restore IPv6 Tables
.SH SYNOPSIS
26
27
28
\fBiptables\-restore\fP [\fB\-chntvV\fP] [\fB\-w\fP \fIsecs\fP]
[\fB\-W\fP \fIusecs\fP] [\fB\-M\fP \fImodprobe\fP] [\fB\-T\fP \fIname\fP]
[\fBfile\fP]
29
.P
30
31
32
\fBip6tables\-restore\fP [\fB\-chntvV\fP] [\fB\-w\fP \fIsecs\fP]
[\fB\-W\fP \fIusecs\fP] [\fB\-M\fP \fImodprobe\fP] [\fB\-T\fP \fIname\fP]
[\fBfile\fP]
33
34
35
36
37
.SH DESCRIPTION
.PP
.B iptables-restore
and
.B ip6tables-restore
38
39
40
are used to restore IP and IPv6 Tables from data specified on STDIN or in
\fIfile\fP. Use I/O redirection provided by your shell to read from a file or
specify \fIfile\fP as an argument.
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
.TP
\fB\-c\fR, \fB\-\-counters\fR
restore the values of all packet and byte counters
.TP
\fB\-h\fP, \fB\-\-help\fP
Print a short option summary.
.TP
\fB\-n\fR, \fB\-\-noflush\fR
don't flush the previous contents of the table. If not specified,
both commands flush (delete) all previous contents of the respective table.
.TP
\fB\-t\fP, \fB\-\-test\fP
Only parse and construct the ruleset, but do not commit it.
.TP
\fB\-v\fP, \fB\-\-verbose\fP
Print additional debug info during ruleset processing.
.TP
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
\fB\-V\fP, \fB\-\-version\fP
Print the program version number.
.TP
\fB\-w\fP, \fB\-\-wait\fP [\fIseconds\fP]
Wait for the xtables lock.
To prevent multiple instances of the program from running concurrently,
an attempt will be made to obtain an exclusive lock at launch.  By default,
the program will exit if the lock cannot be obtained.  This option will
make the program wait (indefinitely or for optional \fIseconds\fP) until
the exclusive lock can be obtained.
.TP
\fB\-W\fP, \fB\-\-wait-interval\fP \fImicroseconds\fP
Interval to wait per each iteration.
When running latency sensitive applications, waiting for the xtables lock
for extended durations may not be acceptable. This option will make each
iteration take the amount of time specified. The default interval is
1 second. This option only works with \fB\-w\fP.
.TP
76
77
78
79
80
81
82
83
84
85
86
87
88
89
\fB\-M\fP, \fB\-\-modprobe\fP \fImodprobe_program\fP
Specify the path to the modprobe program. By default, iptables-restore will
inspect /proc/sys/kernel/modprobe to determine the executable's path.
.TP
\fB\-T\fP, \fB\-\-table\fP \fIname\fP
Restore only the named table even if the input stream contains other ones.
.SH BUGS
None known as of iptables-1.2.1 release
.SH AUTHORS
Harald Welte <laforge@gnumonks.org> wrote iptables-restore based on code
from Rusty Russell.
.br
Andras Kis-Szabo <kisza@sch.bme.hu> contributed ip6tables-restore.
.SH SEE ALSO
90
\fBiptables\-apply\fP(8),\fBiptables\-save\fP(8), \fBiptables\fP(8)
91
92
93
94
.PP
The iptables-HOWTO, which details more iptables usage, the NAT-HOWTO,
which details NAT, and the netfilter-hacking-HOWTO which details the
internals.