Re: [PATCH v2 3/3] ipset: change 'iface' part in hash:net,iface set

[Mr Dash Four <mr.dash.four@googlemail.com>]

> What you wrote was:
>
> You:> What I have suggested to you was that you allow in/out to be 
> You:> *entered*, as input, in a list:set (i.e. in the iptables statement), 
> You:> but treated internally in the same way as src/dst ('in' to be 
> You:> treated internally as 'src', 'out' as 'dst' obviously). In that way, 
> You:> there won't be any discrepancies and the results from both 
> You:> "solutions" will be the same. In other words (using the example you 
> You:> gave earlier), typing:
> You:> 
> You:> -bash-~# iptables -A INPUT -m set --match-set list1 src,in -j ACCEPT
> You:> 
> You:> and
> You:> 
> You:> -bash-~# iptables -A INPUT -m set --match-set list1 src,src -j ACCEPT
> You:> 
> You:> to be both accepted  and 'in', as *entered* above, to be interpreted 
> You:> in the same way as 'src'. That way there won't be any "different" 
> You:> results.
>
> So if list1 contains a hash:ip,port type alone, the rule
>
> iptables -A INPUT -m set --match-set list1 src,in -j ACCEPT
>
> is perfectly fine and logical. We circled again and I'm fed up.
>   
So? I fail to see where I have contradicted myself (if that was indeed 
your intention to show me when you sent the above) or how the above is 
wrong, but please feel free to elaborate if you so wish.

>> You keep banging on about "send me the patches according to solution a", but
>> you are unwilling or unable to address the consequences of this and the issues
>> I raised in this regard. Once this is done and I am convinced that this is the
>> way to go, I'll send you the new patches.
>>
>> This isn't some sort of Stalin-like republic where you can just order me to
>> "send you the patches" and I do as I am told, OK? This is a free forum where
>> we, as peers, are allowed to discuss these issues. If you are unable to hold
>> to your arguments after I shot them to pieces, do you think that by ordering
>> me to "send you the patches" I am going to concede and do as I am told?
>>
>> Or do you think that just because you've written parts of the ipset code you
>> could just order me to "send you the patches" I'll bow my head and say "yes,
>> sir, I'll do it sir, right away sir"? Really? Get a grip of yourself Jozsef!
>>     
>
> Stop this, now. I don't tolerate your style anymore.
>   
Stop what now? If I think that you've overstepped the mark by giving me 
orders to "send you the patches" instead of supporting your own 
viewpoints and arguments when I challenge them, I'll pull you up on it 
as I did with my post above.

> I don't care what you do. I accept patches which I believe fit fine into 
> the current system.
>   
As I already pointed out, if you present your points and you are not 
prepared to be challenged by others (particularly if there is some 
disagreement, as is the case here), then you are in the wrong place I am 
afraid.

I clearly disagree with your view to prevent in/out being used in 
list:set (one reason I asked you to let me know what do you think in/out 
is - I am yet to receive a response from you on that), given that 
hash:net,iface could be a member of that set and also given the fact 
that in/out is used there.

As soon as I start asking questions and digging up holes in your 
arguments, you revert to type and I either get a response like "I've had 
enough", "I am fed up" or, as above, I am given orders to submit those 
patches regardless.

That is not how it works and you should know better - the last time I 
checked, this is a forum for discussion among peers, not some sort of 
totalitarian setup where someone starts barking orders and others follow 
in line - this is precisely what I meant with my post above.

Again, if you make your view points, you should be prepared those views 
to be challenged, particularly if there is a disagreement, and not hide 
away and start giving orders for others to follow. I hope I have made 
myself clear.