Possible Bug? /proc/net/ip_tables_targets listing problem?

Henrik Nordstrom hno at marasystems.com
Mon Oct 10 11:28:04 CEST 2005


On Sun, 9 Oct 2005, Rob M wrote:

> The problem here is that I've only built v1.3.2 on this box.  I've found
> there is a similar problem in the listing for `/proc/net/ip_tables_matches'.
> There I find a double listing for `multiport'.  I don't think this is a
> feature mislisting since it is a clean build and I've done no patching (well
> the patches leading up to yes but not) beyond v1.3.2.  It's as clean of a
> build as I think you can get without totally unmerging the package and
> remerging v1.3.3, but I digress.

It is a misfeature of current Linux kernels.

> If the problem were the comparison of built modules to features that I had
> built into the kernel, there _should_ be more duplicates than 1 match and 1
> target in their respective lists.

It depends on the target/matches loaded. Some have multiple versions to 
support old iptables binaries and get listed multiple times.

> As far as I can tell, it does not affect
> functionality.

Correct, and that is why it is a misfeature, not a bug.

> But then again, I assume that when it checks to see if a match or target 
> is loaded, it compares the requested match/target against the required 
> list, and in turn could cause problems for checking available 
> match/targets.  This is an assumption that I'm making, whether it's true 
> or false.  If this doesn't affect anything and it's simply an aesthetic 
> issue, then I'm going to get back to work and just code what I'm working 
> on to expect the possibilities for duplicates in these lists.

You could also submit a patch to the kernel to only list these 
targets/matches once.

Regards
Henrik
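
Added example, not part of the original message or of the netfilter code: one way for a script to read these proc lists while tolerating the repeated entries discussed above. It assumes one name per line; the function names and the sample content are constructed for illustration.

```python
from collections import Counter
from pathlib import Path

PROC_FILES = {
    "match": "/proc/net/ip_tables_matches",
    "target": "/proc/net/ip_tables_targets",
}

# Constructed sample shaped like /proc/net/ip_tables_matches, with
# `multiport' listed twice as described in the thread.
SAMPLE_MATCHES = "state\nmultiport\nmultiport\ntcp\nudp\nicmp\n"


def parse_names(text):
    """Return (unique names in first-seen order, listings counted per name)."""
    counts = Counter(line.strip() for line in text.splitlines() if line.strip())
    return list(counts), counts


def duplicates(text):
    """Names listed more than once, e.g. one entry per registered version."""
    _, counts = parse_names(text)
    return {name: n for name, n in counts.items() if n > 1}


def is_available(name, text):
    """Exact-name lookup; a substring search would let 'multi' match 'multiport'."""
    names, _ = parse_names(text)
    return name in names


def read_proc(kind):
    """Read the live list for 'match' or 'target'; None if it cannot be read."""
    try:
        return Path(PROC_FILES[kind]).read_text()
    except OSError:
        return None


if __name__ == "__main__":
    # Fall back to the constructed sample when the proc file is absent
    # (ip_tables not loaded, or not running on Linux).
    text = read_proc("match") or SAMPLE_MATCHES
    names, _ = parse_names(text)
    print("matches:", " ".join(names))
    for name, n in duplicates(text).items():
        print(f"note: {name} listed {n} times")
```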


