bugzilla-daemon at netfilter.org
2013-Jun-05 12:51 UTC
[Bug 689] Ordering of multiple matches is unclear
https://bugzilla.netfilter.org/show_bug.cgi?id=689
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |netfilter at linuxace.com
Summary|Ruleset counter on -m |Ordering of multiple
|recent match when recent |matches is unclear
|table OVERFLOWED. |
--- Comment #6 from Phil Oester <netfilter at linuxace.com> 2013-06-05
14:51:26 CEST ---
The manpage was updated last year (commit db1414ec) with the following:
+Specifies a match to use, that is, an extension module that tests for a
+specific property. The set of matches make up the condition under which a
+target is invoked. Matches are evaluated first to last as specified on the
+command line and work in short-circuit fashion, i.e. if one extension yields
+false, evaluation will stop.
This clarifies the reported issue with match ordering. Closing.
--
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
Possibly Parallel Threads
- [Bug 689] Ordering of multiple matches is unclear
- [Bug 756] iptables: Memory allocation problem.
- [Bug 580] iptables-restore and iptables-save lack comparison of a saved ruleset against the currently deployed rules
- [Bug 745] [addrtype]addrtype can't match src-type BROADCAST packets
- [Bug 616] Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment.
Wisdom of the Ancients
