Re: [PATCH v3] iptables: Sort table names in ip[6]tables-save

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Phil Oester <kernel@linuxace.com>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH v3] iptables: Sort table names in ip[6]tables-save
Date: Fri, 30 Aug 2013 23:11:58 +0200	[thread overview]
Message-ID: <20130830211158.GA3850@localhost> (raw)
In-Reply-To: <20130731202107.GA12949@linuxace.com>

Hi Phil,

On Wed, Jul 31, 2013 at 01:21:07PM -0700, Phil Oester wrote:
> Depending upon the load order of rules, the output from ip[6]tables-save
> will vary, as ip[6]_tables_names is sorted LIFO.  As reported by
> Linus van Geuns, this makes comparing output from ip[6]tables-save across
> reboots difficult.  Attached are two patches which attempt to fix this.
> 
>   1) Sort by default - add 'u' option to unsort
>   2) Unsorted by default - add 's' option to sort

I think we should just sorted it inconditionally. I don't get how that
can be useful for any interesting purpose.

More comments below:

> diff --git a/include/xtables.h b/include/xtables.h
> index c35a6e6..dc6e566 100644
> --- a/include/xtables.h
> +++ b/include/xtables.h
> @@ -479,6 +479,8 @@ extern void xtables_ip6parse_any(const char *, struct in6_addr **,
>  extern void xtables_ip6parse_multiple(const char *, struct in6_addr **,
>  	struct in6_addr **, unsigned int *);
>  
> +extern int stringcmp(const void *, const void *);

Please, no new function into libxtables for this. Better define it
internally to iptables-save and ip6tables-save.

I also have to ask you to make a patch for iptables-nftables, so we
obtain the same behaviour in xtables-save.

Thanks.

     prev parent reply	other threads:[~2013-08-30 21:12 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-07-31 20:21 [PATCH v3] iptables: Sort table names in ip[6]tables-save Phil Oester
2013-08-30 21:11 ` Pablo Neira Ayuso [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20130830211158.GA3850@localhost \
    --to=pablo@netfilter.org \
    --cc=kernel@linuxace.com \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.