Apologies for asking yet another novice question, but if I may, please? I'd like to construct an expression to match any iptables nodes with a dport = <specific value>. Here's an example:
augtool> print /files/etc/sysconfig/iptables/table/append[28] /files/etc/sysconfig/iptables/table/append[28] = "Mayo-Firewall-INPUT" /files/etc/sysconfig/iptables/table/append[28]/protocol = "tcp" /files/etc/sysconfig/iptables/table/append[28]/match = "tcp" /files/etc/sysconfig/iptables/table/append[28]/dport = "21" /files/etc/sysconfig/iptables/table/append[28]/jump = "ACCEPT" So, I thought I'd just have to say somethine like match .../append[*]/*[dport = 'XXXX'] but I'm not finding what I expect: augtool> match /files/etc/sysconfig/iptables/table/append[*]/*[dport = "21"] (no matches) augtool> match /files/etc/sysconfig/iptables/table/*/*[dport = "21"] (no matches) augtool> match /files/etc/sysconfig/iptables/table/*/*["dport" = "21"] (no matches) augtool> match /files/etc/sysconfig/iptables/table/append[28]/*["dport" = "21"] (no matches) Guidance, please? (And yes, I have read over the examples in the "Path Expressions" page on the hercules-team/augeas Wiki). Apologies for the questions, -- Pat On 9/30/13 3:48 PM, Patrick Spinler wrote: > > Fantastic, and thank you! This did indeed do the trick. :-) > > insert append before "/files/etc/sysconfig/iptables/table/append[. = > 'Mayo-Firewall-INPUT'][1]" > > Thank you muchly for your patience with my novice questions. :-) > > -- Pat > > On 9/30/13 3:31 PM, Raphaël Pinson wrote: >> Hi Pat, >> >> >> You need to select the first node matching your expression, by filtering >> a second time: >> >> insert append before "/files/etc/sysconfig/ >> iptables/table/append[position(. = >> 'Mayo-Firewall-INPUT')][1]" >> >> >> Regards, >> >> Raphaël >> >> >> >> On Mon, Sep 30, 2013 at 9:54 PM, Patrick Spinler >> <[email protected] <mailto:[email protected]>> wrote: >> >> >> Okay, so I have a structure like this: >> >> augtool> ls "/files/etc/sysconfig/iptables/table/" >> chain[1]/ = INPUT >> chain[2]/ = FORWARD >> chain[3]/ = OUTPUT >> chain[4]/ = Mayo-Firewall-INPUT >> append[1]/ = INPUT >> append[2]/ = INPUT >> append[3]/ = INPUT >> append[4]/ = INPUT >> append[5]/ = INPUT >> append[6]/ = INPUT >> append[7]/ = FORWARD >> append[8]/ = Mayo-Firewall-INPUT >> append[9]/ = Mayo-Firewall-INPUT >> append[10]/ = Mayo-Firewall-INPUT >> (...snip...) >> append[27]/ = Mayo-Firewall-INPUT >> append[28]/ = Mayo-Firewall-INPUT >> append[29]/ = Mayo-Firewall-INPUT >> >> I'd like to insert a new node immediately before the first >> >> append[. = 'Mayo-Firewall-INPUT'] >> >> node, that is, in this case, before append[8]. However, that position >> in the tree, [8], is obviously not constant. >> >> How might I do this? >> >> I've tried expressions like this: >> >> augtool> insert append before >> "/files/etc/sysconfig/iptables/table/append[. = 'Mayo-Firewall-INPUT']" >> error: Too many matches for path expression >> >> and expressions involving [position(...)], like this >> >> augtool> insert append before >> "/files/etc/sysconfig/iptables/table/append[position(. = >> 'Mayo-Firewall-INPUT')]" >> error: Invalid path expression >> >> >> which obviously both fail. Thoughts? >> >> Thanks, >> -- Pat >> >> _______________________________________________ >> augeas-devel mailing list >> [email protected] <mailto:[email protected]> >> https://www.redhat.com/mailman/listinfo/augeas-devel >> >> >> >> >> -- >> Raphaël Pinson >> Infrastructure Developer & Trainer >> +33 479 26 57 93 >> +33 781 90 00 79 >> >> Camptocamp France >> Savoie Technolac >> BP 352 >> 48, avenue du Lac du Bourget >> 73372 Le Bourget du Lac, Cedex >> www.camptocamp.com <http://www.camptocamp.com> > > _______________________________________________ > augeas-devel mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/augeas-devel > _______________________________________________ augeas-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/augeas-devel
