Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 11 Feb 2002 17:08:47 -0800
From:      Luigi Rizzo <rizzo@icir.org>
To:        net@freebsd.org
Subject:   HEADS UP: upcoming change to net.link.ether.bridge_cfg handling
Message-ID:  <20020211170846.B32847@iguana.icir.org>
next in thread | raw e-mail | index | archive | help 
Hi,
since i recently had a chance to do some fixes to the bridging code,
in the next few days I am about to change the parsing of the sysctl
variable net.link.ether.bridge_cfg.
 
The variable was meant to contain the list of interfaces on which
bridging was enabled, optionally following each interface with its
cluster id.
 
For reasons related to the handling of dynamically created interfaces
(e.g. PCMCIA cards), at some point the code was changed so that
each interface creation/deletion would rescan the list of interfaces,
and overwrite "bridge_cfg" with a default configuration in which
all ethernet interfaces become part of the same cluster.
 
Obviously, this automatic override of an existing configuration is
less than desirable, was almost surely an undesired side effect,
and poses significant security problems which are just not acceptable.
 
So, I am going to change the handling of "bridge_cfg" so that on 
interface creation/deletion the system will not change its value
but just reinitialize bridging on all interfaces specified in that
variable *and* still existing. Bridging on dynamically created
interfaces (such as PC-CARD devices, or vlan) will be still
possible, but you have to configure them explicitly.

That also means that at boot time, the list of interfaces will be
empty. This can be easily fixed by doing

        sysctl net.link.ether.bridge_cfg="`ifconfig -l`"

in the rc* files, and I will make sure that this is the default in
rc* files.

Constructive complaints are welcome, but 100% backward compatibility
is just not feasible.

        cheers
        luigi

----------------------------------+-----------------------------------------
 Luigi RIZZO, luigi@iet.unipi.it  . ICSI (on leave from Univ. di Pisa)
 http://www.iet.unipi.it/~luigi/  . 1947 Center St, Berkeley CA 94704
 Phone: (510) 666 2927
----------------------------------+-----------------------------------------

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020211170846.B32847>