Re: [iptables 1.3.0 / libiptc patch] sort chains by hooknum/names

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jonas Berlin <xkr47@outerspace.dyndns.org>
To: Patrick McHardy <kaber@trash.net>
Cc: netfilter-devel@lists.netfilter.org
Subject: Re: [iptables 1.3.0 / libiptc patch] sort chains by hooknum/names
Date: Tue, 19 Apr 2005 14:51:14 +0000	[thread overview]
Message-ID: <42651AE2.9050402@outerspace.dyndns.org> (raw)
In-Reply-To: <4228E962.8090005@trash.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Quoting Patrick McHardy on 2005-03-04 23:04 UTC:

>> OK, why two patches? The first one need some preconditions: *all*
>> buildin chains need to be "in order" and in front of *any* user chain
>> when parsing the kernel-list.
> 
> I assume with "in order", you mean it relies on the current numbering of
> the hooks:
> 
> This seems fine to me. I'm going to apply your first patch, thanks.

What he meant by "in order" was that when getting a list of chains from
the kernel, they would be returned like this:

PREROUTING
INPUT
FORWARD
OUTPUT
POSTROUTING
USER_CHAIN_B
USER_CHAIN_A
USER_CHAIN_C
...

I.e. builtin chains first, and then user chains in random order.

This is not the case however (at least with my 2.6.11 kernel), they seem
to come in a vaguely alphabetic order, with builtin chains being among
the user chains like:

USER_CHAIN_A
PREROUTING
INPUT
USER_CHAIN_B
FORWARD
OUTPUT
POSTROUTING
USER_CHAIN_C
...

Thus, his second patch is necessary (at least for me) in order to get
them in the order

<builtin chains sorted logically>
<user chains sorted alphabetically>

I tested switching to the second patch and the results were Good. :)

- --
- - xkr47
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCZRrhxyF48ZTvn+4RAiNKAJ0U96HA8lxIkWUvn8+vE4zEY7jHgACeJjaD
94uZ+M79//yeo0xQi3397SA=
=GShI
-----END PGP SIGNATURE-----

next prev parent reply	other threads:[~2005-04-19 14:51 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-03-04 20:21 [iptables 1.3.0 / libiptc patch] sort chains by hooknum/names Olaf Rempel
2005-03-04 22:08 ` Phil Oester
2005-03-04 22:38   ` Patrick McHardy
2005-03-04 23:15   ` Olaf Rempel
2005-03-04 23:04 ` Patrick McHardy
2005-04-19 14:51   ` Jonas Berlin [this message]
2005-03-05  2:07 ` Herve Eychenne

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=42651AE2.9050402@outerspace.dyndns.org \
    --to=xkr47@outerspace.dyndns.org \
    --cc=kaber@trash.net \
    --cc=netfilter-devel@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.