On Sun, 8 Jul 2012, Mr Dash Four wrote: > > > I wait for a better solution, which does not produce different results > > > depending on the "in/out" or "src/dst" syntax, for all set types, > > > including the list of sets. > > > > To make sure I'm not misunderstood, I have to add to the last sentence: > > "...and where both syntax is accepted". > > > If you know of a case where 'in' or 'out' direction parameters "are accepted" > and produce "different results" (by "different results" I mean different from > their own definition - match on incoming/outgoing interfaces only), then, by > all means, let me know. I repeat it as many times it's required. The rules iptables -A INPUT -m set --match-set list1 src,src -j ACCEPT iptables -A INPUT -m set --match-set list1 src,in -j ACCEPT would produce different results and that's unacceptable. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlecsik.jozsef@xxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences H-1525 Budapest 114, POB. 49, Hungary -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
