On 05/09/2011 02:00 PM, David L Stevens wrote: > The following series of patches replaces IP address learning in > network filtering with DHCP snooping. The existing address learning capability > does not provide security since it relies on addresses used in initial packets > sent by the guest to determine an IP address. A spoofing guest can simply > arrange to send packets using the target address early on. > With DHCP snooping, only addresses acknowledged by a DHCP server can > be used by the guest, and only for the given lease time if the address lease > is not renewed. > The patches also add support for multiple IP addresses per interface. Can you configure your mailer to send related patches threaded to one another (or at least all as a reply to the 0/9 cover-letter), rather than starting an independent thread for each mail in the series? 'git send-email' can do this. Also, some of your mails came through twice; for example: https://www.redhat.com/archives/libvir-list/2011-May/msg00437.html https://www.redhat.com/archives/libvir-list/2011-May/msg00441.html which has the tendency to cause review confusion. -- Eric Blake eblake@xxxxxxxxxx +1-801-349-2682 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list