current-users: Re: IP Firewalling and IP Filetering

Subject: Re: IP Firewalling and IP Filetering
To: der Mouse <mouse@Collatz.McRCIM.McGill.EDU>
From: Darren Reed <darrenr@vitruvius.arbld.unimelb.edu.au>
List: current-users
Date: 06/10/1996 23:47:19

[...]
> | Changed struct ifnet to have a pointer to the softc of the underlying
> | device and a printable "external name" (name + unit number), thus eliminating
> | if_name and if_unit.  Updated interface to (*if_watchdog)() and (*if_start)()
> | to take a struct ifnet *, rather than a unit number.
> 
> This doesn't say anything about _why_ this was done.  The last sentence
> hints that there were interface that took unit numbers when they really
> shouldn't, but that alone does not strike me as reason to go as far as
> eliminating if_unit altogether.
> 
> > B: You shouldn't rely on internal layout for opaque data structures
> >    like ifnet!
> 
> ifnet is hardly an opaque structure when you're in the kernel.
> 
> > [...compatability...]  In this case, a sure way to get the unit ID
> > without having to guess/devine it from if_xname[] array.
> 
> Why do you want a unit number?  I can't see why you should care about
> the difference between, say, "le0" and "rk0" versus "le0" and "le1";
> le0 and le1 are just as much different interfaces as le0 and rk0, and
> there's no call to treat the two cases any differently.  (rk0 is
> hypothetical; AFAIK there is no rk.)

Let me add some thoughts about the concepts involved here, which are just
my opinions.

If I have a group of "struct ifnet"'s that have the same "if_name" but
different "if_unit", then I might assume they're somehow related.  Indeed,
if "if_name" was a pointer and not an array, it might be the same between
two "struct ifnet"'s.  From the Solaris2 perspective, there is a driver name
and a PPA (Physical Point of Attachment).

If I have a group of "struct ifnet"'s and the only identifier is "if_xname",
then any hints I might use to construct an idea of related network devices
inside the kernel are (at best) guesses.

i.e., in using if_unit & if_name, one might assume that "le" #0 and "le" #1
are somehow related.

A more trivial issue, I don't see why the first interface must be "0".  The
implication given by code I've read and "if_unit" is that you could have an
"le" #3836192393 or "ipdptp" #38938190285.

The implication of "if_xname" is that the number for the interface is
not needed to indentify an interface, an interesting concept but is it
really that much of a problem that we want to make portability of
applications that much harder ?  (any programs like netstat will have to be
altered to deal with this, for example).