[Bug 790] Normalize iptables rules

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Mon Jun 24 17:05:47 CEST 2013


https://bugzilla.netfilter.org/show_bug.cgi?id=790

--- Comment #7 from Andor <tothandor at gmail.com> 2013-06-24 17:05:46 CEST ---
I'm keen to keep the same order for the scripts' output, but there are many
modules and targets with hundreds of parameters, with immense ammount of
possible combinations. How can you know the correct order for all, beyond the
main parts (i.e. table, chain, rule-specification (match, target)). Also I'm
not the only who's adding rules to this ruleset.
Let's take an example. If you have two common match modules like tcp and limit,
which should come first? Which parameter of tcp module should come first --mss
or --syn?

-- 
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.



More information about the netfilter-buglog mailing list