I'm talking about the same sets, but two rules, in two cases. The result
of the rules depend on the syntax of yours.
[...]
That's the problem: they are not always interchangeable. Sometimes they
are, sometimes they aren't.
[...]
And that is because the second dimension parameter is accounted for and you
have a member of the list1 set which is not of type hash:net,iface - that is
where the definition of in/out are different. Show me where the
"inconsistency" or the "confusion" is here then?
And this is what I call inconsistency and leads to confusion.
[...]
4. step
ipset del list1 netiface0
Rule a. and rule b. produce again the same result.
Oh yeah? Are you for real? They produce different results! The reason for that
is because the second dimension ('dst' and 'out') differ - by definition - for
sets other than hash:net,iface, which is the case here (ipport0 is still a
member of list1) - the same as step 3 above. Show me where the "inconsistency"
or the "confusion" is here then?
No, I'm mistaken here. Yeah, I myself were confused with your damned
syntax.
Let me ask you a question then - if I send you the patches where in/out
is allowed in list:set and produces "consistent" (by your own
high-standards) result would that be OK with you (if not, why not)?
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
