From f73416517ac7bb6868ff4c0199fcd4327c9dffa5 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Wed, 28 Jul 2021 17:53:53 +0200 Subject: [PATCH] doc: ebtables-nft.8: Adjust for missing atomic-options Drop any reference to them (and the environment variable) but list them in BUGS section hinting at ebtables-save and -restore tools. Fixes: 1939cbc25e6f5 ("doc: Adjust ebtables man page") Signed-off-by: Phil Sutter Acked-by: Pablo Neira Ayuso (cherry picked from commit 765bf04ecc228783cb88c810c85bc0c769579c39) --- iptables/ebtables-nft.8 | 64 ++++++----------------------------------- 1 file changed, 8 insertions(+), 56 deletions(-) diff --git a/iptables/ebtables-nft.8 b/iptables/ebtables-nft.8 index 5bdc0bb8a939e..85f6738d7d1aa 100644 --- a/iptables/ebtables-nft.8 +++ b/iptables/ebtables-nft.8 @@ -44,12 +44,6 @@ ebtables \- Ethernet bridge frame table administration (nft-based) .br .BR "ebtables " [ -t " table ] " --init-table .br -.BR "ebtables " [ -t " table ] [" --atomic-file " file] " --atomic-commit -.br -.BR "ebtables " [ -t " table ] [" --atomic-file " file] " --atomic-init -.br -.BR "ebtables " [ -t " table ] [" --atomic-file " file] " --atomic-save -.br .SH DESCRIPTION .PP @@ -162,11 +156,9 @@ a table, the commands apply to the default filter table. Only one command may be used on the command line at a time, except when the commands .BR -L " and " -Z -are combined, the commands +are combined or the commands .BR -N " and " -P -are combined, or when -.B --atomic-file -is used. +are combined. .TP .B "-A, --append" Append a rule to the end of the selected chain. @@ -326,39 +318,6 @@ of the ebtables kernel table. .TP .B "--init-table" Replace the current table data by the initial table data. -.TP -.B "--atomic-init" -Copy the kernel's initial data of the table to the specified -file. This can be used as the first action, after which rules are added -to the file. The file can be specified using the -.B --atomic-file -command or through the -.IR EBTABLES_ATOMIC_FILE " environment variable." -.TP -.B "--atomic-save" -Copy the kernel's current data of the table to the specified -file. This can be used as the first action, after which rules are added -to the file. The file can be specified using the -.B --atomic-file -command or through the -.IR EBTABLES_ATOMIC_FILE " environment variable." -.TP -.B "--atomic-commit" -Replace the kernel table data with the data contained in the specified -file. This is a useful command that allows you to load all your rules of a -certain table into the kernel at once, saving the kernel a lot of precious -time and allowing atomic updates of the tables. The file which contains -the table data is constructed by using either the -.B "--atomic-init" -or the -.B "--atomic-save" -command to generate a starting file. After that, using the -.B "--atomic-file" -command when constructing rules or setting the -.IR EBTABLES_ATOMIC_FILE " environment variable" -allows you to extend the file and build the complete table before -committing it to the kernel. This command can be very useful in boot scripts -to populate the ebtables tables in a fast way. .SS MISCELLANOUS COMMANDS .TP .B "-V, --version" @@ -384,16 +343,6 @@ a target extension (see .BR "TARGET EXTENSIONS" ")" or a user-defined chain name. .TP -.B --atomic-file "\fIfile\fP" -Let the command operate on the specified -.IR file . -The data of the table to -operate on will be extracted from the file and the result of the operation -will be saved back into the file. If specified, this option should come -before the command specification. An alternative that should be preferred, -is setting the -.IR EBTABLES_ATOMIC_FILE " environment variable." -.TP .B -M, --modprobe "\fIprogram\fP" When talking to the kernel, use this .I program @@ -1113,8 +1062,6 @@ arp message and the hardware address length in the arp header is 6 bytes. .br .SH FILES .I /etc/ethertypes -.SH ENVIRONMENT VARIABLES -.I EBTABLES_ATOMIC_FILE .SH MAILINGLISTS .BR "" "See " http://netfilter.org/mailinglists.html .SH BUGS @@ -1122,7 +1069,12 @@ The version of ebtables this man page ships with does not support the .B broute table. Also there is no support for .B string -match. And finally, this list is probably not complete. +match. Further, support for atomic-options +.RB ( --atomic-file ", " --atomic-init ", " --atomic-save ", " --atomic-commit ) +has not been implemented, although +.BR ebtables-save " and " ebtables-restore +might replace them entirely given the inherent atomicity of nftables. +Finally, this list is probably not complete. .SH SEE ALSO .BR xtables-nft "(8), " iptables "(8), " ip "(8), " nft (8) .PP -- 2.33.0