All of lore.kernel.org
 help / color / mirror / Atom feed
From: Mr Dash Four <mr.dash.four@googlemail.com>
To: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Cc: netfilter@vger.kernel.org, netfilter-devel@vger.kernel.org,
	Patrick McHardy <kaber@trash.net>
Subject: Re: [ANNOUNCE] ipset 6.13 released
Date: Sun, 01 Jul 2012 17:52:33 +0100	[thread overview]
Message-ID: <4FF08051.3090204@googlemail.com> (raw)
In-Reply-To: <alpine.DEB.2.00.1207011646110.2749@blackhole.kfki.hu>


> I have to weight the "great deal of inconsistency and inconvenience" 
> caused to you against breaking firewall setups out there. I really 
> appreciate your comments, but in this case you should adapt.
>   
You are in no position to tell me what I should be doing. As for the 
"breaking firewall setups" bit - see my previous comments.

Also, there is a flip-side to that particular coin - by keeping buggy 
netfilter/kernel code, I'd argue that this is more likely to "break 
firewall setups" as you put it - by keeping this, wrongful, setup and 
the whole notion that for incoming IP addresses, subnets, ports and 
everything else one should use "dst" designation, but for incoming 
interfaces I should use "src" instead. I mean, really, get a grip of 
yourself!

> Do you think all admins constantly read all changelogs, mailing lists 
> about all the software they use to catch backward incompatible changes? 
>   
They do, if they're worth their salt.

> You are aware of the "inconveniece", and you could adapt yourself to it 
> anytime.
Why should I, as a network admin, have to adapt to this buggy code just 
because you just can't see what's in front of your face?

>  I'm responsible for every user, for those who never read these 
> mailing lists as well.
>   
So, is ignorance an excuse nowadays? I never expected to read that from 
a Netfilter developer, but there is a first time for everything I suppose.

> Feel free to involve anyone.
It is the only way I see forward as, evidently, "debating" this with you 
is completely and utterly pointless - you are like a broken record, 
repeating the same over and over and over again like an automaton.

> You argue that the meaning of src/dst for the interface part is 
> counter-intuitieve and therefore must be reversed - regardless of the 
> backward compatibility issue and the possible breaking of existing setups.
>   
Where did I state, or even hinted that it is "counter-intuitive"? That's 
right, I didn't. Because it is not "counter-intuitive", it is, at best, 
wrong and inconsistent, at worse - buggy and downright misleading! Can 
you read, Jozsef?


  reply	other threads:[~2012-07-01 16:52 UTC|newest]

Thread overview: 37+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-06-29 20:04 [ANNOUNCE] ipset 6.13 released Jozsef Kadlecsik
2012-06-30 18:47 ` Jan Engelhardt
2012-06-30 18:47   ` [PATCH] build: restore -version-info Jan Engelhardt
2012-06-30 22:05     ` Jozsef Kadlecsik
2012-06-30 22:15       ` Jan Engelhardt
2012-06-30 22:31         ` Jozsef Kadlecsik
2012-06-30 22:50           ` Jan Engelhardt
2012-07-01 12:11             ` Jozsef Kadlecsik
2012-07-01 16:03               ` Jan Engelhardt
2012-07-01 17:20                 ` Jozsef Kadlecsik
2012-07-01 18:36                   ` Jan Engelhardt
2012-07-01 20:45                     ` Jozsef Kadlecsik
2012-07-01 10:46 ` [ANNOUNCE] ipset 6.13 released Mr Dash Four
2012-07-01 12:09   ` Jozsef Kadlecsik
2012-07-01 12:19     ` Mr Dash Four
2012-07-01 12:37       ` Jozsef Kadlecsik
2012-07-01 12:44         ` Mr Dash Four
2012-07-01 12:52           ` Jozsef Kadlecsik
2012-07-01 13:17             ` Mr Dash Four
2012-07-01 15:21               ` Jozsef Kadlecsik
2012-07-01 16:52                 ` Mr Dash Four [this message]
2012-07-01 21:30                 ` Neal Murphy
2012-07-01 21:55                   ` Jan Engelhardt
2012-07-01 22:59                     ` Neal Murphy
2012-07-01 22:58                 ` Amos Jeffries
2012-07-01 22:58                   ` Amos Jeffries
2012-07-02  7:54                   ` Jozsef Kadlecsik
2012-07-02 13:11                     ` Mr Dash Four
2012-07-02 13:26                       ` Jozsef Kadlecsik
2012-07-02 14:28                         ` Mr Dash Four
2012-07-02 20:26                           ` Jozsef Kadlecsik
2012-07-10 16:27                     ` Alex Bligh
2012-07-10 16:27                       ` Alex Bligh
2012-07-01 18:32   ` Steven Kath
2012-07-01 13:21 ` Andreas Herz
2012-07-01 14:44   ` Jozsef Kadlecsik
2012-07-10  9:12     ` Andreas Herz

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4FF08051.3090204@googlemail.com \
    --to=mr.dash.four@googlemail.com \
    --cc=kaber@trash.net \
    --cc=kadlec@blackhole.kfki.hu \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.