[Bug 744] set:list behavior

bugzilla-daemon at bugzilla.netfilter.org
Mon Sep 5 10:14:42 CEST 2011


http://bugzilla.netfilter.org/show_bug.cgi?id=744


Jozsef Kadlecsik <kadlec at netfilter.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |kadlec at netfilter.org
             Status|NEW                         |RESOLVED
         Resolution|                            |WONTFIX




--- Comment #1 from Jozsef Kadlecsik <kadlec at netfilter.org>  2011-09-05 10:14:42 ---
The ipset version (v6.8-genl-xta) and protocol version (96?!) are totally bogus
to me.

I understand your feature request but I'm not going to implement it, because
it'd cost too much, both in effort and resources. The reason is that ipset, the
userspace tool, has to know what to expect as input for a given set. However,
the list of sets may contain any kind of sets. So if you'd enter

ipset test Blacklist smtp

how should ipset interpret the string "smtp"? As a port from /etc/services? Or
as a hostname from /etc/hosts (if accidentally there's a host named smtp
there)? If host, then use the IPv4 or IPv6 address of that host?

The only safe way would be to loop through all of the sets in the list,
interpret the input according to the given subset type, attempt the operation
and return input error only if all the subsets are exhausted. However that'd
require the reworking of a quite large part of ipset.

