On Fri, 15 Aug 2008, Jan Engelhardt wrote: > On Friday 2008-08-15 14:46, Pablo Neira Ayuso wrote: > >I see, it's worth to know this issue. However, my main objection with > >this patch is: is there any match in iptables mainline that actually > >uses two options with clashing names? > > - mark, connmark, realm mark and connmark do clash, so I was wrong in my previous reply about non-clashing in mainline. There might be cases when one would want to check the mark value of a packet and a conntrack entry, which is currently not possible in a single rule due to the clashing option name. Reading the manpage, realm does not clash with either mark or connmark. > - ecn and ECN The options of the ecn match and the ECN target are not clashing. > - multiport and tcp/udp/sctp/dccp. They are ortogonal. > (There was a reason to my post after all ;-) Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
