On Tue, Mar 28, 2006 at 11:31:22AM +0200, Max Laier wrote: > Hi, > > while porting OpenBSD 3.9 (soon to be released) pf I stumbled on interface > groups. This is a mechanism to group arbitrary interfaces into logical > groups. It is just naming (not functional change), but it helps to convey > semantic information (e.g. group "LAN", "DMZ" ...) about your interface to > supporting applications. This way you can write a policies for interface > group "LAN" and have it applied to all the VLAN interfaces that come and go. > Administration is done via ifconfig. We currently have "ifconfig name" which > does part of the job. > > My question: Does that sound like something interesting for us and should I > go > for importing it into FreeBSD proper, or is it not at all interesting and we > don't want it (in which case I'd hack something up for pf).
Sounds like a reasonable feature. I think it's orthogional to renaming. > Technical reasoning: A proper import would add an additional TAILQ link into > struct ifnet (which is a great deal of ABI change and causes the usual > headaches). The hack would use a single void *, but we'd have to pay for the > additional indirection. Also yet another config tool would be required to > administer the interface <-> group binding. Adding a TAILQ to the end of struct ifnet would not be an ABI change in 6 because drivers don't know or care how big struct ifnet is anymore and I can't think of an implementation where the drive code would need to care. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4
pgpur9Hy56MHU.pgp
Description: PGP signature
