Store iptables/nft stderr output in special files

2023-08-01 22:47:33 +02:00 · 2023-08-01 22:47:33 +02:00 · d29aa7887c
parent 80d6b5a67e
commit d29aa7887c
2 changed files with 8 additions and 6 deletions
--- a/2
+++ b/2
@ -12,6 +12,8 @@ The **patch** part changes is incremented if multiple releases happen the same m

 ### Added

+* Store iptables/nft stderr output in special files
+
 ### Changed

 ### Fixed
--- a/dump-server-state.sh
+++ b/dump-server-state.sh
@ -467,14 +467,14 @@ task_iptables() {
                printf "\n#### ip6tables --table mangle --list ###############\n"
                ${ip6tables_bin} --table mangle --list --numeric
            fi
-        } > "${dump_dir}/iptables.txt")
+        } > "${dump_dir}/iptables.txt") 2> "${dump_dir}/iptables.err"
        last_rc=$?

        if [ ${last_rc} -eq 0 ]; then
            debug "* iptables OK"
        else
            debug "* iptables ERROR"
-            debug "${last_result}"
+            debug "$(cat ${dump_dir}/iptables.err)"
            # Ignore errors because we don't know if this is nft related or a real error
            # rc=10
        fi
@ -485,14 +485,14 @@ task_iptables() {
    iptables_save_bin=$(command -v iptables-save)

    if [ -n "${iptables_save_bin}" ]; then
-        last_result=$(${iptables_save_bin} > "${dump_dir}/iptables-save.txt")
+        ${iptables_save_bin} > "${dump_dir}/iptables-save.txt" 2> "${dump_dir}/iptables-save.err"
        last_rc=$?

        if [ ${last_rc} -eq 0 ]; then
            debug "* iptables-save OK"
        else
            debug "* iptables-save ERROR"
-            debug "${last_result}"
+            debug "$(cat ${dump_dir}/iptables-save.err)"
            # Ignore errors because we don't know if this is nft related or a real error
            # rc=10
        fi
@ -503,14 +503,14 @@ task_iptables() {
    nft_bin=$(command -v nft)

    if [ -n "${nft_bin}" ]; then
-        last_result=$(${nft_bin} list ruleset > "${dump_dir}/nft-ruleset.txt")
+        ${nft_bin} list ruleset > "${dump_dir}/nft-ruleset.txt" 2> "${dump_dir}/nft-ruleset.err"
        last_rc=$?

        if [ ${last_rc} -eq 0 ]; then
            debug "* nft ruleset OK"
        else
            debug "* nft ruleset ERROR"
-            debug "${last_result}"
+            debug "$(cat ${dump_dir}/nft-ruleset.err)"
            rc=10
        fi
    fi