Jan Engelhardt wrote: > On Nov 27 2007 13:33, Amin Azez wrote: > >>>>> The version Jan posted doesn't match on mac but on IP address. >>>>> >>>> It should be refusing to match mac if the ip's do match in the --gateway >>>> match, because if the IP matches then the host is being addressed >>>> directly and not as a gateway. >>>> That's why it also checks IP. >>>> >>>> + if (memcmp(&info->gateway_v4, &neigh->primary_key, tbl->key_len) != 0) >>>> + return false; >>>> >>>> It checks mac as the primary key of the neighbour table. >>>> >>> The primary key is the IP address. >>> >> thats true :-) Shame! >> I can't even remember code I wrote 5 months back! >> >> So.... >> >> And so unless Jan has a strong case, I think you are right that this >> adds nothing extra that routing realms have, and possible causes some >> surprises in some non-routing conditions. >> >> Although I still prefer it in routing cases, I admit there is no strong >> case that you should prefer it. >> > > So, does this make xt_gateway "obsolete enough" for me to drop it from > my trees? > I'll still be using it. I don't think we can make a strong case for Patrick to accept it. Anyone with routing setup scripts can easily add realm to that. Sam - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
