On Thursday 2010-10-28 11:54, Patrick McHardy wrote: >On 25.10.2010 23:57, Jan Engelhardt wrote: >> On Tuesday 2010-10-19 17:16, Jan Engelhardt wrote: >> >>> When using `-m mark --mark 2 -m connmark --mark 2`, the user currently >>> gets an error about the (libxt_mark) --mark option being used twice. >>> This is because libxt_connmark's option table does not override any >>> previous options. This patch changes this behavior, since the current >>> behavior does not allow connmark's option to be used at all, which is >>> illogical. >> >> As per fw's suggestion, I should nag you every 48 hours ;-) >> >> Really, this should be in the next tag. > >This stuff is pretty fragile and whenever we changed it, something broke >for users. Why not simply add new options (--connmark etc). That would >also be more consistent with the other extensions. Adding new options does not fix the real problem, and you cannot easily ensure that no options will clash with another. And what do you do when you use -m hashlimit --hashlimit-name abc -m hashlimit --hashlimit-name def? You can't use new options here. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
