[Bug 835] protocol without option is failing

bugzilla-daemon at netfilter.org
Wed Aug 14 23:47:09 CEST 2013


https://bugzilla.netfilter.org/show_bug.cgi?id=835

--- Comment #3 from Phil Oester <netfilter at linuxace.com> 2013-08-14 23:47:08 CEST ---
The original commit which added this feature does not mesh with your
understanding:

commit 6c3eec6ad009d7ed8a219291b98886a80b26b8e4
Author: Patrick McHardy <kaber at trash.net>
Date:   Wed Dec 5 19:39:00 2012 +0100

    parser: fix parsing protocol names for protocols which are also keywords

    "ip protocol tcp" will currently produce a syntax error since tcp is also a
    keyword which is expected to be followed by a tcp header field. Allow to use
    protocol names that are also keywords and allocate a constant expression for
    them.


Aside from that, I think it wouldn't fit with the existing language to have
protocols listed by themselves.  When you want to choose a specific feature of
the ip header, you need to use "ip <header> <foo>".  So "ip protocol tcp" is
consistent with "ip saddr x.x.x.x".  In general, the parser seems more
consistent the way it is currently operating.  

And finally, even iptables requires "-p" before specifying a protocol.
