| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 Jan 2016 18:01:49 -0500 From: Brian Haley <brian.haley@....com> To: Hong Hui Xiao <xiaohhui@...ibm.com>, netdev@...r.kernel.org Subject: Re: [Question/Bug] Should the priority of ip rule be unique? On 01/08/2016 01:32 AM, Hong Hui Xiao wrote: > Hi, > > From the man page of ip rule at [1], it says that "Each rule should have > an explicitly set unique priority value." It is reasonable to have unique > priority for ambiguous rules. > But I have a set of unambiguous ip rules, do I still need to set the > priority of to be unique? In practice, I can set ip rules with duplicated > priority, and things works as expected. I want to confirm with iproute > developers if this is a support usecase. If so, the information in man > page may need updates. > > 5000: from all fwmark 0x4000000/0xffff0000 lookup table0 > 5000: from all fwmark 0x4010000/0xffff0000 lookup table1 > 5000: from all fwmark 0x4020000/0xffff0000 lookup table2 > 5000: from all fwmark 0x4030000/0xffff0000 lookup table3 > > > [1] http://man7.org/linux/man-pages/man8/ip-rule.8.html (search for > "unique") No, you shouldn't need to set the priority in this case as each rule is unique. From reading earlier in the man page, and looking at the code, the rules are ordered and scanned in order of decreasing priority, with a lower priority being higher. In the case of rules with the same priority they are ordered based on the order in which they were added to the kernel. So I guess the man page could be tweaked a little, given "should" seems to follow the liberal IANA meaning of recommended, but not required. -Brian
Powered by blists - more mailing lists