Ian Stakenvicius posted on Tue, 07 Feb 2012 09:39:14 -0500 as excerpted: > I think that "Category 2" needs to be separated into "2a - any network", > and "2b - any public network". For instance, the service 'net' (for 2a) > and service 'inet' (for 2b). If this were the default case, then Cat.2 > packages that by default want to connect to the internet could 'need > inet', and then the user would only have to define which interfaces are > included (or excluded) from satisfying 'inet'. > > The trick that I see here is that init.d scripts have to have their > 'depends' set up in such a way that the services can be separated based > on their need for public network or any network, so that the user > doesn't have to mess with those. By default I think it makes sense to > keep both the 'net' and 'inet' pools the same (ie, all ifaces but > net.lo*), but have a simple ability to separate interfaces from the > 'public net' pool in rc.conf when they do not provide a public network > connection.
This boils down to the suggestion I made earlier. Using current terms: 1) Separate net.lo service for stuff that doesn't have to have an external connection at all. 2) A default net (or net*) service that is is composed of all non-net.lo services, with a default any-one-of-them policy. Two reasons for this: 2a) It'll "just work" in the simple case. 2b) It's the easiest to automatically preconfigure without getting into lots of "detect all the networks and magically figure out whether they're lan-only or inet" hairballs. 3) Allow the user/admin to configure net1, net2... just like the default net/net*, specifying individual interfaces for each as well as whether one or all of the configured interfaces must be up for the service to be provided. This way, a user/admin can provide narrower-than-all groupings as necessary, including net.lo if it makes sense for them, tho the defaults would be only one net.lo and the wildcard default-any-one-of-anything- else. -- Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman
