nfq_set_verdict_mark

[Pablo Neira Ayuso]

Hi Patrick,

Patrick McHardy wrote:
> Pablo Neira Ayuso wrote:
>> Robert Scott wrote:
>>
>>> i noticed that this function doesn't automatically convert the mark into
>>> the expected network byte order.  this is a minor detail, but the
>>> current behavior may confuse users. since nfq_get_nfmark automatically
>>> converts the mark into host order, i thought nfq_set_verdict_mark would
>>> also  do the reverse.
>>>
>>> not really a big deal, and this will probably break most existing
>>> installations in the field, but perhaps a note in the docs to give new
>>> users a heads up.
>>
>> Yes, I agree what you, we have to document this minor issue, I think
>> that we can introduce more API that can solve this inconsistency.
> 
> Do we actually have documentation where we can document it? :)
> 
> I'm beginning to wonder how much more kludges we will have in these
> libraries by continuing to treat them as stable without having had
> even a single beta version.

OK, I start thinking that I'm getting obsessed with breaking current
deployed apps :(. I also think that we can solve this minor annoying
issues by fixing the problem and then releasing a new version asap.

The current release process is too slow, I have the impression that
nobody is using the lastest official releases. For conntrackd, I'm
currently doing unnofficial releases of libnetfilter_conntrack because
the official release is broken with NAT handlings, well apart from the
fact that I also introduce some patches with new features that I need.

Just tell you that I don't mind about spending some time on
administration tasks like releases and any other stuff related with the
website if that can help to speed up the release process. I worked on
some scripts to automate the release process time ago after the workshop
that I can recover.

-- 
The dawn of the fourth age of Linux firewalling is coming; a time of
great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris