On Wed, Apr 03, 2013 at 04:27:29PM +0200, holger@xxxxxxxxxxxxxxxx wrote: > Hi, > > for streamlining our ip6tables ruleset it would be helpfull to match > on *any* ICMPv6 informational type. If not being able to specify any > informational type it would be required to specify the most common > types excplicitely, with as many rules as types. And then with the > risk of missing some of them. > > Therefore the attached two patches implement the ability to match on > any ICMPv6 informational (--icmpv6-info) or error (--icmpv6-error) > type. > > I made the options --icmpv6-type, --icmpv6-error and --icmpv6-info > mutually exclusive. > > These are the points I'd like your comment specifically: > > 1. I tried not to introduce a new revision by reusing the > icmpv6_icmp.invflags for the new flags. > > 2. I think I can even rename icmpv6_icmp.invflags to icmpv6_icmp.flags > because the ABI still being the same. I did this because the name > 'invflags' being slightly misleading otherwise. > > 3. the F_* flags in the iptables extensions are the same values as > the IP6T_ICMP_* values. Should I use the IP6T_ICMP_* values > in the extension? > > Or add a new revision instead? Please, add a new revision. The ABI will not be broken, but people using new iptables versions with old kernels will not get any specific error report telling that what they specify will not work. Thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
