On 27/07/2003 at 17:55 David S. Miller wrote: >With or without your suggestion, people have to do something >different. Just enabling the hidden switch solved my setting and I think it solves most of "problem" settings. >This doesn't even address all the problems there are with >the hidden patch. It does things that belong on the netfilter >level and not on the ARP/routing level. Well... it's just your opinion... other OS and systems don't use netfilter of firewalling at all (ex. Win) and behave like with "hidden" applied. Really, the only one I have tested that not do it is Linux 2.2+ For me (not a kernel developer), my world are the OSI layers, and the isolation of the interfaces at layer 2 IMHO should be in the kernel not any firewall module that you must install, tune and configure. >Again, I'd like you to read all the discussions that have happened on >this topic in the past, in particular those made by Alexey Kuznetsov >on this topic. He gives very clear and concise reasons why the >"hidden" patch is logically doing things in the wrong part of the >kernel, and therefore won't ever be put into the tree. I will look... but doing arp filter is not a real simple solution in any way. Regards, Carlos Velasco - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
