From mboxrd@z Thu Jan  1 00:00:00 1970
From: Mart Frauenlob <mart.frauenlob@chello.at>
Subject: intrapositioned  and extrapositioned negation
Date: Tue, 20 Oct 2009 12:59:59 +0200
Message-ID: <4ADD982F.209@chello.at>
Reply-To: netfilter@vger.kernel.org
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Return-path: <netfilter-owner@vger.kernel.org>
Sender: netfilter-owner@vger.kernel.org
List-ID: <netfilter.vger.kernel.org>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
To: netfilter@vger.kernel.org

Hello,

today I installed iptables 1.4.5 and discovered my ruleset produces 
those warnings about intrapositioned  negation:
Using intrapositioned negation (`--option ! this`) is deprecated in 
favor of extrapositioned (`! --option this`).

I haven't completely looked up the changelogs, but from what I've found 
on the internet, this was introduced with 1.4.3.1, right?

However, my ruleset is automatically generated by a self written shell 
script, which I now need to change.
It needs to work with any 2.6 kernel and with 2.4 kernels supporting 
iptables.
As my testing options (hardware, time) are limited, I'm asking if 
someone knows:

Will 2.4 kernels and older iptables versions accept the extrapositioned 
(`! --option this`) notation?
If so, I can rewrite my script to always use extrapositioned syntax. 
Lot's of work, but ok...

If not, what kernel / iptables versions do only understand the old 
deprecated way?
So I can query for them and take the appropriate steps.

Thanks a lot!


Mart