On Nov 27 2007 13:33, Amin Azez wrote: >>>> The version Jan posted doesn't match on mac but on IP address. >>> >>> It should be refusing to match mac if the ip's do match in the --gateway >>> match, because if the IP matches then the host is being addressed >>> directly and not as a gateway. >>> That's why it also checks IP. >>> >>> + if (memcmp(&info->gateway_v4, &neigh->primary_key, tbl->key_len) != 0) >>> + return false; >>> >>> It checks mac as the primary key of the neighbour table. >> >> The primary key is the IP address. > >thats true :-) Shame! >I can't even remember code I wrote 5 months back! > >So.... > >And so unless Jan has a strong case, I think you are right that this >adds nothing extra that routing realms have, and possible causes some >surprises in some non-routing conditions. > >Although I still prefer it in routing cases, I admit there is no strong >case that you should prefer it. So, does this make xt_gateway "obsolete enough" for me to drop it from my trees? - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
