| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 26 Oct 2007 14:30:29 +0200 From: Laszlo Attila Toth <panther@...abit.hu> To: David Miller <davem@...emloft.net> Cc: Patrick McHardy <kaber@...sh.net>, netdev@...r.kernel.org, Laszlo Attila Toth <panther@...abit.hu> Subject: [IFGROUPv5 0/3 (+3)] Interface group patches Hi Dave, This is the 5th version of our interface group patches. The first patch is a fix in the rtnl socket interface. An u_int32_t member was added to net devices indicating the interface group number of the device which can be get/set via netlink. The xt_ifgroup netfilter match is for checking this value with an optional mask. Other patches are for userpace programs: * iptables * iproute2. Because kernel 2.6.24-rc1 introduced a new enum value, IFLA_NET_NS_PID, and it wasn't in the iproute2 code, the first patch simply adds this value. The second patch adds support of interface group. Usage: ip link set eth0 group 4 # set ip link set eth0 group 0 # unset iptables -A INPUT -m ifgroup --ifgroup-in 4/0xf -j ACCEPT iptables -A FORWARD -m ifgroup --ifgroup-in 4 ! --ifgroup-out 5 -j DROP Patches: [1/3] rtnetlink: setlink changes atomic with single notification [2/3] Interface group: core (netlink) part [3/3] Netfilter Interface group match [iptables] Interface group match [iproute 1/2] Added IFLA_NET_NS_PID as in kernel v2.6.24-rc1 [iproute 2/2] Interface group as new ip link option -- Laszlo Attila Toth - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists