[PATCH] Multiple matches of the same type
Jozsef Kadlecsik
kadlec at blackhole.kfki.hu
Tue Feb 28 17:52:08 CET 2006
On Tue, 28 Feb 2006, Krzysztof Oledzki wrote:
> > If two or more matches of the same type are detected then the options are
> > assumed to be grouped in order to tell which option belongs to which
> > match:
> >
> > ... -m foo ... <options0> ... -m foo ... <options1> ...
>
> What about -s and -d? I know about ipset but sometimes you need
> just two or three addresses.
The matches are ANDed and not ORed. Without a complete redesign or
alternate store/lookup methods what you request cannot be done.
Best regards,
Jozsef
-
E-mail : kadlec at blackhole.kfki.hu, kadlec at sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
H-1525 Budapest 114, POB. 49, Hungary
More information about the netfilter-devel
mailing list