lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 7 Mar 2013 21:43:04 -0800 From: Stephen Hemminger <stephen@...workplumber.org> To: Vlad Yasevich <vyasevic@...hat.com> Cc: netdev@...r.kernel.org, bridge@...ts.linux-foundation.org Subject: Re: [RFC PATCH v2 net-next 0/3] Allow bridge to function in non-promisc mode On Thu, 7 Mar 2013 16:28:45 -0500 Vlad Yasevich <vyasevic@...hat.com> wrote: > The series adds an ability to configure the bridge into a non-primiscuous > mode. Instead, it provides the ability to identitfy some set of bridge > ports as uplinks and allows for MAC addresses to be programmed onto > those ports. In case the port hardware does not support mac filter, > that port will be placed in promiscuous mode. > > Default bridge operation continues to remain as "promiscuous". The new > functionality has to be enabled via sysfs (similar to other bridge extensions). > > The uplink mode is implemented as a flag on a bridge port. The api to > change that flag follows the existing api to enable/disable other existing > flags. > > All comments are welcome. > Can we make this a one step process and less visible to the user. If user defines an uplink device, and the uplink device is capable of filtering (and what ever other pre-conditions people can think of), then the bridge will transparently switch to uplink/non-promisc mode. This can also be used to trigger edge only mode in RSTP in the future. Less knobs. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists