On 27/07/2003 at 17:55 David S. Miller wrote:
>With or without your suggestion, people have to do something
>different.
Just enabling the hidden switch solved my setting and I think it solves
most of "problem" settings.
>This doesn't even address all the problems there are with
>the hidden patch. It does things that belong on the netfilter
>level and not on the ARP/routing level.
Well... it's just your opinion... other OS and systems don't use
netfilter of firewalling at all (ex. Win) and behave like with "hidden"
applied.
Really, the only one I have tested that not do it is Linux 2.2+
For me (not a kernel developer), my world are the OSI layers, and the
isolation of the interfaces at layer 2 IMHO should be in the kernel not
any firewall module that you must install, tune and configure.
>Again, I'd like you to read all the discussions that have happened on
>this topic in the past, in particular those made by Alexey Kuznetsov
>on this topic. He gives very clear and concise reasons why the
>"hidden" patch is logically doing things in the wrong part of the
>kernel, and therefore won't ever be put into the tree.
I will look... but doing arp filter is not a real simple solution in
any way.
Regards,
Carlos Velasco
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Jul 31 2003 - 22:00:33 EST