> > I realized that in fib_rules.c the inet_rtm_new_rule() > > function adds rules without checking if they already > > exist. This may result in duplicate rules being added. > > It makes it difficult to remove a rule when it is > > added multiple times (with the intention that it would > > be added only once if it exists, setting the necessary > > netlink flags). > > I can see what you're doing here, but I'm not so sure this > plays well with the preference field. > > The preference field is meant to act the same way a firewall > chain does. You can have identical rules in the chain, > and the preference determines which one gets actually hit. > But the exclusive flag in the netlink message indicates that > we should disallow multiple rules with the same key. > > I'm inclined to apply this patch, but does anyone have any > strong opinions either way?
In theory this patch is absolutely correct and we should go that way one day. The problem is that iproute sets NLM_F_EXCL by default when adding rules so this patch would modify the behaviour of all existing "ip rule add" usages. The explicit use of preferences makes rules unique at all times so this is a minor issue and we should defer it to the next point allowing for a binary interface breakage. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
