Date: Mon, 11 Feb 2002 17:08:47 -0800
From: Luigi Rizzo
To: net@freebsd.org
Subject: HEADS UP: upcoming change to net.link.ether.bridge_cfg handling
Message-ID: <20020211170846.B32847@iguana.icir.org>

Hi,
since I recently had a chance to do some fixes to the bridging code, in the next few days I am about to change the parsing of the sysctl variable net.link.ether.bridge_cfg.

The variable was meant to contain the list of interfaces on which bridging was enabled, optionally following each interface with its cluster id.

For reasons related to the handling of dynamically created interfaces (e.g. PCMCIA cards), at some point the code was changed so that each interface creation/deletion would rescan the list of interfaces, and overwrite "bridge_cfg" with a default configuration in which all Ethernet interfaces become part of the same cluster.

Obviously, this automatic override of an existing configuration is less than desirable, was almost surely an undesired side effect, and poses significant security problems which are just not acceptable.

So, I am going to change the handling of "bridge_cfg" so that on interface creation/deletion the system will not change its value but just reinitialize bridging on all interfaces specified in that variable *and* still existing.

Bridging on dynamically created interfaces (such as PC-CARD devices, or vlan) will still be possible, but you have to configure them explicitly.

That also means that at boot time, the list of interfaces will be empty. This can be easily fixed by doing

	sysctl net.link.ether.bridge_cfg="`ifconfig -l`"

in the rc* files, and I will make sure that this is the default in rc* files.

Constructive complaints are welcome, but 100% backward compatibility is just not feasible.

	cheers
	luigi
----------------------------------+-----------------------------------------
 Luigi RIZZO, luigi@iet.unipi.it  . ICSI (on leave from Univ. di Pisa)
 http://www.iet.unipi.it/~luigi/  . 1947 Center St, Berkeley CA 94704
 Phone: (510) 666 2927
----------------------------------+-----------------------------------------
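
Added example, not part of the original message and not FreeBSD source code: a shell model of the old and new bridge_cfg handling described above, plus a drift check that compares a current value against the intended one. The entry syntax (ifname[:cluster], comma- or space-separated), the default cluster id of 1, the function names and all interface names are assumptions or constructed sample data.

```shell
#!/bin/sh
# Model of the bridge_cfg handling described in the message above.
# Assumptions (not from the message): entries are "ifname[:cluster]",
# comma- or space-separated, and the default cluster id is 1.

# Print a bridge_cfg value as normalised "ifname:cluster" words.
entries() {
    for e in $(printf '%s' "$1" | tr ',' ' '); do
        case $e in
            *:*) printf '%s ' "$e" ;;
            *)   printf '%s:1 ' "$e" ;;   # assumed default cluster
        esac
    done
}

# Old behaviour: an interface event replaces bridge_cfg with every
# Ethernet interface ($1, space-separated) in one cluster.
old_rescan() {
    out=
    for ifn in $1; do out="${out:+$out,}$ifn:1"; done
    printf '%s\n' "$out"
}

# New behaviour: bridge_cfg ($1) is left alone; bridging is
# re-initialised only on listed interfaces that still exist ($2).
new_reinit() {
    out=
    for e in $(entries "$1"); do
        case " $2 " in
            *" ${e%%:*} "*) out="${out:+$out,}$e" ;;
        esac
    done
    printf '%s\n' "$out"
}

# Audit: entries in the current value ($2) that the intended value ($1)
# does not contain, i.e. added interfaces or changed cluster ids.
drift() {
    want=" $(entries "$1")"
    out=
    for e in $(entries "$2"); do
        case $want in
            *" $e "*) ;;
            *) out="${out:+$out }$e" ;;
        esac
    done
    printf '%s\n' "$out"
}
```

On a live host the current value would come from `sysctl -n net.link.ether.bridge_cfg` and the interface list from `ifconfig -l`.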