From 8ba1724c0d949e157ecfb9c1408aae9313faf404 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Wed, 18 Aug 2004 18:25:12 +0000
Subject: [PATCH] Workaround for iptables-save bug

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1553 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall2/shorewall | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Shorewall2/shorewall b/Shorewall2/shorewall
index 04b90b27d..f120bcb05 100755
--- a/Shorewall2/shorewall
+++ b/Shorewall2/shorewall
@@ -1044,6 +1044,9 @@ case "$1" in
 			    echo "   Dynamic Rules Saved"
 			    if [ -f /var/lib/shorewall/restore-base ]; then
 				cp -f /var/lib/shorewall/restore-base /var/lib/shorewall/restore-$$
+				#
+				# The 'awk' hack compensates for a bug in iptables-save (actually in libipt_policy.so) and can be removed when that bug is fixed.
+				#
 				if iptables-save | awk 'BEGIN {sline=""; }; /^-j/ { print sline $0; next }; /-m policy/ { sline=$0; next }; {print ; sline="" }' >> /var/lib/shorewall/restore-$$ ; then
 				    echo __EOF__ >> /var/lib/shorewall/restore-$$
 				    mv -f /var/lib/shorewall/restore-$$ $RESTOREPATH