From mboxrd@z Thu Jan  1 00:00:00 1970
From: Mr Dash Four <mr.dash.four@googlemail.com>
Subject: Re: [ANNOUNCE] ipset-5.0 released
Date: Sat, 18 Dec 2010 22:23:52 +0000
Message-ID: <4D0D3478.30509@googlemail.com>
References: <alpine.DEB.2.00.1012172259100.10231@blackhole.kfki.hu> <4D0CC3BB.8030801@googlemail.com> <alpine.DEB.2.00.1012182050280.11577@blackhole.kfki.hu> <4D0D2CF4.5070201@googlemail.com> <alpine.LNX.2.01.1012182304360.30262@obet.zrqbmnf.qr>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Return-path: <netfilter-owner@vger.kernel.org>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlemail.com; s=gamma;
        h=domainkey-signature:received:received:message-id
         :disposition-notification-to:date:from:user-agent:mime-version:to:cc
         :subject:references:in-reply-to:content-type
         :content-transfer-encoding;
        bh=AgHAbz85cYe3F5ak1xSs395OmuFczIYZ2N2rejPTC1c=;
        b=gzkGKeYm0NjomDhjDt0HPvN1xp+F4H8p9DMBL6dBX2ftObar5eIQ8JZXfCt6euSyGv
         6qYydCzD9yLq0i0bcbAnNkqMBw5b9rtlQuGaPvRJ68GvI/himA56o8DiVi2Zennhv3Yp
         6xOHLqsTSdm5KIxNvJQQrWiwhz7FWp8amufc0=
In-Reply-To: <alpine.LNX.2.01.1012182304360.30262@obet.zrqbmnf.qr>
Sender: netfilter-owner@vger.kernel.org
List-ID: <netfilter.vger.kernel.org>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
To: Jan Engelhardt <jengelh@medozas.de>
Cc: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>, netfilter-devel@vger.kernel.org, netfilter@vger.kernel.org



Jan Engelhardt wrote:
> On Saturday 2010-12-18 22:51, Mr Dash Four wrote:
>   
>>> Members:
>>> 192.168.0.0,tcp:80
>>> 192.168.0.1,tcp:53
>>> 192.168.0.1,tcp:80
>>> 192.168.0.2,tcp:80
>>> 192.168.0.1,udp:53
>>> 192.168.0.3,tcp:80
>>>       
>> By 'something' I mean either omission of the protocol, or 'all' to
>> be specified instead of the protocol to mean no matching on protocol
>> would be made (in other words the protocol to be disregarded).
>>     
>
> If you don't check the protocol, you cannot know if there even is
> a port number. Not all L4 protocols have ports.
>   
OK, let me rephrase that: I do not wish to add 2x times as many members 
in a particular set when I am not interested in the protocol match - 
whether it is tcp or udp for me is irrelevant, all I am interested in is 
the ip subnet and the port number.