[PATCH] disallow multiple matches of same type
Patrick McHardy
kaber at trash.net
Mon Feb 20 18:38:22 CET 2006
Phil Oester wrote:
> In latest iptables SVN, the command:
>
> iptables -A foo -p tcp -m multiport --dport 45,47 -m multiport --sport 45:48
>
> ends up with mangled results of:
>
> ... multiport sports multiport sports tcp spts:45:48
>
> Since at present, iptables can only handle one match of a given type
> per rule. The below patch makes sure we disallow more than one.
>
> This closes bugzilla #447
I think Harald already did something in this direction. Harald?
More information about the netfilter-devel
mailing list