Port-xen archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Specifying names for tap interfaces



On Mon, Jun 18, 2012 at 11:54:43AM -0400, Greg Troxel wrote:
> 
> Thor Lancelot Simon <tls%panix.com@localhost> writes:
> 
> > On Mon, Jun 18, 2012 at 11:51:13AM -0400, Greg Troxel wrote:
> >> 
> >> It seems easy enough to add the ioctl and see if things blow up...
> >
> > You can be pretty sure ipf, pf, and npf will blow up.
> 
> Because they watch interface creation and keep matching state?  Or do
> you just mean that rules written for tap3 will no longer match?

Rename the interface.  Now watch what happens when you try to load new
rules.  Now tell ipfilter, for example, to "resynchronize the interface
list" (ipf -y).  Imagine the fun possible if interfaces change names,
old interfaces, with rules affixed, still exist but the names no longer
match, etc...

I think a lot of fun is possible, and likely.


Home | Main Index | Thread Index | Old Index