[PATCH iptables] extensions: libxt_cluster: add note on arptables-jf

[PATCH iptables] extensions: libxt_cluster: add note on arptables-jf

[Pablo Neira Ayuso]

Gao feng reported problems while getting the cluster match working with
arptables. This patch adds a note in the manpage to warn about the arptables-jf
syntax, which is different from mainstream arptables.

Reported-by: Gao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 extensions/libxt_cluster.man |    5 +++++
 1 file changed, 5 insertions(+)

diff --git a/extensions/libxt_cluster.man b/extensions/libxt_cluster.man
index 62ad71c..94b4b20 100644
--- a/extensions/libxt_cluster.man
+++ b/extensions/libxt_cluster.man
@@ -55,6 +55,11 @@ arptables \-A INPUT \-i eth2 \-\-h\-length 6
 \-\-destination\-mac 01:00:5e:00:01:02
 \-j mangle \-\-mangle\-mac\-d 00:zz:yy:xx:5a:27
 .PP
+\fBNOTE\fP: the arptables commands above use mainstream syntax. If you
+are using arptables-jf included in some RedHat, CentOS and Fedora
+versions, you will hit syntax errors. Therefore, you'll have to adapt
+these to the arptables-jf syntax to get them working.
+.PP
 In the case of TCP connections, pickup facility has to be disabled
 to avoid marking TCP ACK packets coming in the reply direction as
 valid.
-- 
1.7.10.4

Re: [PATCH iptables] extensions: libxt_cluster: add note on arptables-jf

[Jesper Dangaard Brouer]

On Mon, 4 Nov 2013, Pablo Neira Ayuso wrote:

> Gao feng reported problems while getting the cluster match working with
> arptables. This patch adds a note in the manpage to warn about the arptables-jf
> syntax, which is different from mainstream arptables.
>
> Reported-by: Gao feng <gaofeng@cn.fujitsu.com>
> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
> ---
> extensions/libxt_cluster.man |    5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/extensions/libxt_cluster.man b/extensions/libxt_cluster.man
> index 62ad71c..94b4b20 100644
> --- a/extensions/libxt_cluster.man
> +++ b/extensions/libxt_cluster.man
> @@ -55,6 +55,11 @@ arptables \-A INPUT \-i eth2 \-\-h\-length 6
> \-\-destination\-mac 01:00:5e:00:01:02
> \-j mangle \-\-mangle\-mac\-d 00:zz:yy:xx:5a:27
> .PP
> +\fBNOTE\fP: the arptables commands above use mainstream syntax. If you
> +are using arptables-jf included in some RedHat, CentOS and Fedora
> +versions, you will hit syntax errors. Therefore, you'll have to adapt
> +these to the arptables-jf syntax to get them working.


While on the subject of arptables_jf.  Red Hat will be replacing 
arptables_jf with the mainstream arptables in RHEL7 and Fedora 21.

-- 
Best regards,
   Jesper Dangaard Brouer
   MSc.CS, Sr. Network Kernel Developer at Red Hat
   Author of http://www.iptv-analyzer.org
   LinkedIn: http://www.linkedin.com/in/brouer

Re: [PATCH iptables] extensions: libxt_cluster: add note on arptables-jf

[Jan Engelhardt]

On Monday 2013-11-04 12:39, Jesper Dangaard Brouer wrote:
> On Mon, 4 Nov 2013, Pablo Neira Ayuso wrote:
>
>> Gao feng reported problems while getting the cluster match working with
>> arptables. This patch adds a note in the manpage to warn about the
>> arptables-jf
>> syntax, which is different from mainstream arptables.
>
> While on the subject of arptables_jf.  Red Hat will be replacing arptables_jf
> with the mainstream arptables in RHEL7 and Fedora 21.

And I thought it'd never happen ;)
I still wonder why they even created the fork. There's little documentation
about that.