From owner-freebsd-questions@FreeBSD.ORG Mon Oct 25 15:20:43 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 197C116A4CE for ; Mon, 25 Oct 2004 15:20:43 +0000 (GMT) Received: from dnsmail3.ior.navy.mil (nocb.ior.navy.mil [205.56.210.195]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9782A43D55 for ; Mon, 25 Oct 2004 15:20:37 +0000 (GMT) (envelope-from JohnsoBS@vicksburg.navy.mil) Received: from cg69ubd01.vicksburg.navy.mil ([205.95.65.21]) i9PFIG5v020187; Mon, 25 Oct 2004 15:18:21 GMT Received: by CG69UBD01 with Internet Mail Service (5.5.2657.72) id ; Mon, 25 Oct 2004 18:23:34 +0300 Message-ID: From: JohnsoBS@vicksburg.navy.mil To: TM4525@aol.com, JohnsoBS@vicksburg.navy.mil Date: Mon, 25 Oct 2004 18:23:33 +0300 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2657.72) Content-Type: text/plain; charset="iso-8859-1" X-Content-Filtered-By: Mailman/MimeDel 2.1.1 cc: questions@freebsd.org Subject: RE: ifconfig alias: File Exists X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Oct 2004 15:20:43 -0000 -----Original Message----- From: TM4525@aol.com [mailto:TM4525@aol.com] Sent: Monday, October 25, 2004 4:59 PM To: JohnsoBS@vicksburg.navy.mil Cc: questions@freebsd.org Subject: Re: ifconfig alias: File Exists In a message dated 10/24/04 11:18:14 AM Eastern Daylight Time, JohnsoBS@vicksburg.navy.mil writes: > >Is that new? You are right, that fixed it, but didn't think > I had to do > >that before :( > You get it because the guy who maintains ifconfig didn't have > the foresight > to realize the "alias" should imply a host mask, and also > that the guy who > coded the kernel code didn't think that assuming a host mask was > reasonable. > > Welcome to open source. Love it and live with it. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > >To assume makes an ass out of u and me. Ok, that out of the way, the config >you assume should be coded into ifconfig and kernel is not 100% going to be >used all the time. In fact I have multiple nets and have multiple netmask >assigned on the one machine. If you actually READ "man ifconfig" it states >that this should be set to what you assume it should be. It helps when >people don't attack things they don't fully understand cause for many it >might be a person's first view at what you are bashing. Unfortunately also, >many people aren't smart enough to get a second opinion or to try beyond >there first try or someone person's like yourselfs comments. As for the "assume" thing, speak for yourself. Your implication that there should be no defaults is quite asinine. If it doesn't work with no netmask specified, then its broken. Its not unreasonable to assume that if no netmask is provided, then a host mask (for an alias) is intended. In the absence of a netmask, the only "assumption" thats reasonable is a host mask. There are lots of "assumptions" made by ifconfig. It "assumes" that you only want the interface to have one address (as if you submit an address to an interface that already has one it explicitly deletes the other). Its not unreasonable to assume that, nor would it be unreasonable to assume that the intention was to add an alias. It would certainly be safer. And I "understand" it a lot better than you do. In today's world, "assuming" the natural mask (which is what ifconfig has done since the beginning of time) is wrong most of the time. Just because someone back in the 1970s decided to do it that way doesn't make it correct. One of the basic properties of a default setting is that it should work I find it very wrong to assume anything on a network interface. Assumptions on anything that could open up a security hole are very dangerous. ifconfig has a far greater ability than many things to open up security wholes that may get around an improperly setup firewall. I agree that some assumptions can easily be made and should be but not here.