On Friday 2008-08-15 15:31, Jozsef Kadlecsik wrote: >> For example: >> >> iptables -t mangle -A PREROUTING -m a --mac-source 00:11:22:33:44:55 >> -m b --mac-source 00:11:22:33:44:55 -j ACCEPT >> >> the above command will fail due to the later match. > >Yes: you should use match-specific options, like > >iptables -t mangle -A PREROUTING -m a --a-mac-source 00:11:22:33:44:55 >-m b --b-mac-source 00:11:22:33:44:55 -j ACCEPT I disagree. If you chain multiple matches, e.g. -m condition --name FOO -m conidtion --name BAR you can't choose a different option name naturally. Hence I am of the opinion that different matches should also support this syntax. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
