Re: [libvirt-users] netfilter+libvirt=(smth got broken?)
Hello all,
21.03.2013 7:18, Eric Blake:
[...]
> --ctdir was broken and it was fixed in patch:
In other words, the kernel folks made a silent change in ABI. Eww.
How can we reliably tell which kernels have the old behavior, and which
have the new, so that libvirt knows which sense to use?
There are so many customized kernels in the wild with whatever mix of
patches applied and whatever custom versioning involved that IMHO no one
can now really know without some special flag added for that (other than
try and see)
[...]
> It's unfortunate nobody noticed this rule was incorrect so
far (even
> if it was working).
In this case I'd say it was rather just somewhat inconsistent with it
own documentation. Not a big deal. IMHO it would be OK to just add a
notice to documentation saying that "for historical reasons" behaviour
is inverted, instead of changing the code in question to make it wrose.
Alternatively, upon noticing unwanted inversion, netfilter could just
introduce some new correct --ctdir2 and subsequently depreciate and
remove original --ctdir, allowing some time for adaptation.
It's also unfortunate that the kernel folks did a silent ABI change,
without offering any witness of which behavior is in operation.
Yes, netfilter is extremely valuable and extremely respected project.
However, breaking the work of other people so easily, for almost no
reason, without even a word of discussion and without any proposed way
to relaibly handle the situation seems surprising at least. Huge number
of people depend on netfilter, really! Sorry for some rant.
Nikolai