| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 09 Mar 2009 11:58:39 -0700 From: Ben Greear <greearb@...delatech.com> To: Patrick McHardy <kaber@...sh.net> CC: "Eric W. Biederman" <ebiederm@...ssion.com>, Mark Smith <nanog@...5b20a518b8f6864949bd940457dc124746ddc.nosense.org>, David Miller <davem@...emloft.net>, netdev@...r.kernel.org, shemminger@...ux-foundation.org Subject: Re: MACVLANs really best solution? How about a bridge with multiple bridge virtual interfaces? Patrick McHardy wrote: >> Now that I think about it we could call ndo_start_xmit directly >> from the macvlan code, and bypass whatever hook we use to >> intercept packets going out the normal device it should not >> be too difficult. > > We don't intercept packets on TX, they have to be explicitly delivered > to macvlan. It might suck for performance, but mac-vlan could register an 'ALL' protocol on the physical dev, similar to tcp-dump, to grab pkts on tx and pass the ones it cares about back up to the vlans? I'd want run-time control to disable any of these costly options for those that don't need it, however. Thanks, Ben -- Ben Greear <greearb@...delatech.com> Candela Technologies Inc http://www.candelatech.com -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists