On Thu, Mar 30, 2017 at 12:06:36PM -0400, Eric S. Raymond wrote: > Head up, Mark! Policy issue. > > I fear the wildcard-socket simplification, last of our pre-1.0 major > ambitions, has just hit a wall. > > The problem is not with the code simplification itself. The problem is > that there is a configuration feature called "NIC rules" that depends > on knowing what actual physical interface a packet arrived on. NIC > rules are address filters applied to individual interfaces. > > In order to implement this against a packet flow that is all being > accepted by the wildcard interface, we need a way to back out of each > packet which physical interface it arrived on. > > One might expect this to be available via a CMSG lookup into recmvsg's > per-package auxiliary headers, analogously to the way we now get the > packet-arrival timestamp (see ntpd/ntp_packetstamp.c). It's the only > place for the information to be that has the right locality.
Have you look to things like IP_PKTINFO? Kurt _______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
