[Bug 562] Rule gets implicitly eliminated ("optimized away") --> But that's not ok --> A Logic Bug
bugzilla-daemon at bugzilla.netfilter.org
Tue Nov 25 20:31:59 CET 2008
http://bugzilla.netfilter.org/show_bug.cgi?id=562
for-openvz at alicewho.com changed:
What       |Removed   |Added
----------------------------------------------------------------------------
Status     |RESOLVED  |REOPENED
Resolution |INVALID   |
------- Comment #4 from for-openvz at alicewho.com 2008-11-25 20:31 -------
(In reply to comment #3)
> This does not work:
>
> > /sbin/iptables -A INPUT --dport 8191 --match recent --name WATCHLIST --set -j DROP
>
> because IT IS NOT A VALID RULE!!! You CANNOT have a rule which includes a
> "--dport" without ALSO specifying a protocol.
>
> Please read the iptables documentation on this, and do not reopen this bug. It
> is NOT a bug in the code, but a bug in your understanding of how to create
> rules.
Sorry to say that, but you are talking bullshit, giving a cheap excuse.
Here's another variation of the bug. Here "-p all" was specified.
The result is: IT DOES NOT WORK!
/sbin/iptables -A INPUT -p all --dport 8191 --match recent --name WATCHLIST --set -j DROP
Ok, forget it, you arrogant idiot!
Maybe someone more intelligent than you will fix this bug.
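The constraint quoted from comment #3 (a rule that uses "--dport" must also name a protocol) can be checked before a rule is handed to iptables. The script below is an added example, not part of the bug report or of iptables; the function name check_port_rule and the third sample rule with "-p tcp" are assumptions made for illustration, and protocols are expected by name rather than by number.

```shell
#!/bin/sh
# Added example: pre-flight check for iptables rule arguments.
# Returns 0 when the rule uses no port option, or when every port option is
# backed by a protocol whose match extension provides --sport/--dport.
# Returns 1 otherwise (no -p at all, or a protocol such as "all" or "icmp").
# Assumption: the protocol is written by name; numeric values are rejected.
check_port_rule() {
    proto=""
    uses_port=0
    while [ $# -gt 0 ]; do
        case "$1" in
            -p|--protocol)
                # -p must be followed by a value
                [ $# -ge 2 ] || return 1
                proto=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
                shift
                ;;
            --dport|--sport|--destination-port|--source-port)
                uses_port=1
                ;;
        esac
        shift
    done
    # Rules without port options need no protocol.
    [ "$uses_port" -eq 1 ] || return 0
    case "$proto" in
        tcp|udp|sctp|dccp|udplite) return 0 ;;
        *) return 1 ;;
    esac
}

# The first two rules are the ones from the report; the third is a constructed
# variant that names a port-carrying protocol (tcp chosen as an assumption).
for rule in \
    "-A INPUT --dport 8191 --match recent --name WATCHLIST --set -j DROP" \
    "-A INPUT -p all --dport 8191 --match recent --name WATCHLIST --set -j DROP" \
    "-A INPUT -p tcp --dport 8191 --match recent --name WATCHLIST --set -j DROP"
do
    # Word splitting is intended: each sample is a plain argument string.
    if check_port_rule $rule; then
        echo "accept: $rule"
    else
        echo "reject: $rule"
    fi
done
```
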