James Carlson wrote: > ... >>> 3. We're defining these bits of syntax ourselves, and we're expecting >>> that administrators are going to rely on them for the security of >>> their systems. Given that, is "Volatile" the right classification >>> for the new "family ether" and "layer2" configuration keywords? >>> >> We'll think more about this. >> > > Please just make it "Committed." >
For "family ether", I've no problem with "Committed." The "layer2" bits I consider to be a blight on the configruation syntax, not to mention that implementation atrocity that results in policy needing to be defined twice, and I will be looking for a way to arcitect it out in the future. Whilst it might appeal to you (since you pretty much got in the way of anything else), it really does not fit into anything futurish for ipfilter. It is a dead end piece of syntax and we should not be carrying that baggage around for any longer than it needs to be. Having to put up with: * layer 2 rules * layer 3 rules * layer 3 rules for layer 2 is something that we can accomdate in the short term for the sake of expediency but in long term, the last of those three needs to die. Darren
