Re: [ANNOUNCE] ipset 6.13 released

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Mr Dash Four <mr.dash.four@googlemail.com>
To: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Cc: netfilter@vger.kernel.org, netfilter-devel@vger.kernel.org,
	Patrick McHardy <kaber@trash.net>
Subject: Re: [ANNOUNCE] ipset 6.13 released
Date: Sun, 01 Jul 2012 17:52:33 +0100	[thread overview]
Message-ID: <4FF08051.3090204@googlemail.com> (raw)
In-Reply-To: <alpine.DEB.2.00.1207011646110.2749@blackhole.kfki.hu>


> I have to weight the "great deal of inconsistency and inconvenience" 
> caused to you against breaking firewall setups out there. I really 
> appreciate your comments, but in this case you should adapt.
>   
You are in no position to tell me what I should be doing. As for the 
"breaking firewall setups" bit - see my previous comments.

Also, there is a flip-side to that particular coin - by keeping buggy 
netfilter/kernel code, I'd argue that this is more likely to "break 
firewall setups" as you put it - by keeping this, wrongful, setup and 
the whole notion that for incoming IP addresses, subnets, ports and 
everything else one should use "dst" designation, but for incoming 
interfaces I should use "src" instead. I mean, really, get a grip of 
yourself!

> Do you think all admins constantly read all changelogs, mailing lists 
> about all the software they use to catch backward incompatible changes? 
>   
They do, if they're worth their salt.

> You are aware of the "inconveniece", and you could adapt yourself to it 
> anytime.
Why should I, as a network admin, have to adapt to this buggy code just 
because you just can't see what's in front of your face?

>  I'm responsible for every user, for those who never read these 
> mailing lists as well.
>   
So, is ignorance an excuse nowadays? I never expected to read that from 
a Netfilter developer, but there is a first time for everything I suppose.

> Feel free to involve anyone.
It is the only way I see forward as, evidently, "debating" this with you 
is completely and utterly pointless - you are like a broken record, 
repeating the same over and over and over again like an automaton.

> You argue that the meaning of src/dst for the interface part is 
> counter-intuitieve and therefore must be reversed - regardless of the 
> backward compatibility issue and the possible breaking of existing setups.
>   
Where did I state, or even hinted that it is "counter-intuitive"? That's 
right, I didn't. Because it is not "counter-intuitive", it is, at best, 
wrong and inconsistent, at worse - buggy and downright misleading! Can 
you read, Jozsef?

next prev parent reply	other threads:[~2012-07-01 16:52 UTC|newest]

Thread overview: 32+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-06-29 20:04 [ANNOUNCE] ipset 6.13 released Jozsef Kadlecsik
2012-06-30 18:47 ` Jan Engelhardt
2012-06-30 18:47   ` [PATCH] build: restore -version-info Jan Engelhardt
2012-06-30 22:05     ` Jozsef Kadlecsik
2012-06-30 22:15       ` Jan Engelhardt
2012-06-30 22:31         ` Jozsef Kadlecsik
2012-06-30 22:50           ` Jan Engelhardt
2012-07-01 12:11             ` Jozsef Kadlecsik
2012-07-01 16:03               ` Jan Engelhardt
2012-07-01 17:20                 ` Jozsef Kadlecsik
2012-07-01 18:36                   ` Jan Engelhardt
2012-07-01 20:45                     ` Jozsef Kadlecsik
2012-07-01 10:46 ` [ANNOUNCE] ipset 6.13 released Mr Dash Four
2012-07-01 12:09   ` Jozsef Kadlecsik
2012-07-01 12:19     ` Mr Dash Four
2012-07-01 12:37       ` Jozsef Kadlecsik
2012-07-01 12:44         ` Mr Dash Four
2012-07-01 12:52           ` Jozsef Kadlecsik
2012-07-01 13:17             ` Mr Dash Four
2012-07-01 15:21               ` Jozsef Kadlecsik
2012-07-01 16:52                 ` Mr Dash Four [this message]
2012-07-01 21:30                 ` Neal Murphy
2012-07-01 21:55                   ` Jan Engelhardt
2012-07-01 22:59                     ` Neal Murphy
2012-07-01 22:58                 ` Amos Jeffries
2012-07-02  7:54                   ` Jozsef Kadlecsik
2012-07-02 13:11                     ` Mr Dash Four
2012-07-02 13:26                       ` Jozsef Kadlecsik
2012-07-02 14:28                         ` Mr Dash Four
2012-07-02 20:26                           ` Jozsef Kadlecsik
2012-07-10 16:27                     ` Alex Bligh
2012-07-01 18:32   ` Steven Kath

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4FF08051.3090204@googlemail.com \
    --to=mr.dash.four@googlemail.com \
    --cc=kaber@trash.net \
    --cc=kadlec@blackhole.kfki.hu \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).