On Wed, 13 Jan 2010 14:43:26 +0100 (CET)
Jan Engelhardt <jengelh@xxxxxxxxxx> wrote:
>
> On Wednesday 2010-01-13 14:24, Patrick McHardy wrote:
> >>
> >> The proposal is to enhance iptables (and other tools which might fail if
> >> integrated port 1 does not get named as eth0) to support something like
> >[...]
> >> + strcpy(vianame, kernel_name);
> >> + int vialen = strlen(kernel_name);
> >> if ((vialen == 0) || (vialen == 1 && vianame[0] == '+'))
> >> memset(mask, 0, IFNAMSIZ);
> >> else if (vianame[vialen - 1] == '+') {
> >>
> >>
> >> where kernel_name is the ethN name that will be returned by a library
> >> like libnetdevname which will map the user supplied "Embedded_NIC_1"
> >> name to the corresponding ethN name, thus bringing in determinism while
> >> referring to the network interfaces.
> >>
> >> Netfilter-devel, would this be acceptable ?
> >
> >What I don't like very much is that you can't decide whether to
> >map the interface names back in order to display a rule the same
> >way it was specified. Anyone looking at the output will have to
> >know the alias mapping, which seems to defeat the purpose of
> >this patch.
>
> By definition, the mapping from aliases to real names is not
> bijective, thus not always unambiguously reversible. That also means
> there will be problems if either side of a mapping disappears - say,
> across a reboot - you are in for some local DoS. That of course also
> holds for regular network interface names, but only if you do not use
> udev to give them a persistent name.
Is there a tool to do:
netdevtoalias eth0
and
netdevfromalias Embedded_NIC_1
--
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
