On Monday 12 January 2015 17:22:57 Patrick McHardy wrote:
> On 12.01, Patrick Schaaf wrote:
> >
> > Interfaces come and go through many different actions. There's the admin
> > downing and upping stuff like bridges or bonds. There's stuff like libvirt
> > / KVM / qemu creating and destroying
On 12.01, Patrick Schaaf wrote:
> On Monday 12 January 2015 08:51:54 Eric Dumazet wrote:
> > On Mon, 2015-01-12 at 17:39 +0100, Patrick Schaaf wrote:
> > >
> > > Not to comment on the ifalias thing, which I think is unneccessary,
> > > too, but matching on interface names instead of only ifindex,
On Monday 12 January 2015 08:51:54 Eric Dumazet wrote:
> On Mon, 2015-01-12 at 17:39 +0100, Patrick Schaaf wrote:
> >
> > Not to comment on the ifalias thing, which I think is unneccessary,
> > too, but matching on interface names instead of only ifindex, is
> > definitely needed, so that one can
On Mon, 2015-01-12 at 17:39 +0100, Patrick Schaaf wrote:
> > iptables should have used ifindex, its sad we allowed the substring
>
> > match in first place.
>
>
>
> Not to comment on the ifalias thing, which I think is unneccessary,
> too, but matching on interface names instead of only
On Mon, 2015-01-12 at 17:32 +0100, Jan Engelhardt wrote:
> On Monday 2015-01-12 17:04, Eric Dumazet wrote:
> >
> >iptables should have used ifindex [for interface matching],
> >it[']s sad we allowed the substring match in first place.
>
> How would you solve interface name wildcards with
On Monday 2015-01-12 17:04, Eric Dumazet wrote:
>
>iptables should have used ifindex [for interface matching],
>it[']s sad we allowed the substring match in first place.
How would you solve interface name wildcards with ifindices?
(They come in handy if you have something like lots of tun+/veth+
Am 12.01.2015 um 17:04 schrieb Eric Dumazet:
> On Sun, 2015-01-11 at 21:52 +0100, Richard Weinberger wrote:
>> Signed-off-by: Richard Weinberger
>> ---
>> include/linux/netfilter/x_tables.h | 22 ++
>> net/ipv4/netfilter/arp_tables.c| 28 +---
>>
On Sun, 2015-01-11 at 21:52 +0100, Richard Weinberger wrote:
> Signed-off-by: Richard Weinberger
> ---
> include/linux/netfilter/x_tables.h | 22 ++
> net/ipv4/netfilter/arp_tables.c| 28 +---
> net/ipv4/netfilter/ip_tables.c | 15
Am 12.01.2015 um 17:04 schrieb Eric Dumazet:
On Sun, 2015-01-11 at 21:52 +0100, Richard Weinberger wrote:
Signed-off-by: Richard Weinberger rich...@nod.at
---
include/linux/netfilter/x_tables.h | 22 ++
net/ipv4/netfilter/arp_tables.c| 28 +---
On Monday 2015-01-12 17:04, Eric Dumazet wrote:
iptables should have used ifindex [for interface matching],
it[']s sad we allowed the substring match in first place.
How would you solve interface name wildcards with ifindices?
(They come in handy if you have something like lots of tun+/veth+
On Mon, 2015-01-12 at 17:32 +0100, Jan Engelhardt wrote:
On Monday 2015-01-12 17:04, Eric Dumazet wrote:
iptables should have used ifindex [for interface matching],
it[']s sad we allowed the substring match in first place.
How would you solve interface name wildcards with ifindices?
(They
On Sun, 2015-01-11 at 21:52 +0100, Richard Weinberger wrote:
Signed-off-by: Richard Weinberger rich...@nod.at
---
include/linux/netfilter/x_tables.h | 22 ++
net/ipv4/netfilter/arp_tables.c| 28 +---
net/ipv4/netfilter/ip_tables.c | 15
On Mon, 2015-01-12 at 17:39 +0100, Patrick Schaaf wrote:
iptables should have used ifindex, its sad we allowed the substring
match in first place.
Not to comment on the ifalias thing, which I think is unneccessary,
too, but matching on interface names instead of only ifindex, is
On 12.01, Patrick Schaaf wrote:
On Monday 12 January 2015 08:51:54 Eric Dumazet wrote:
On Mon, 2015-01-12 at 17:39 +0100, Patrick Schaaf wrote:
Not to comment on the ifalias thing, which I think is unneccessary,
too, but matching on interface names instead of only ifindex, is
On Monday 12 January 2015 17:22:57 Patrick McHardy wrote:
On 12.01, Patrick Schaaf wrote:
Interfaces come and go through many different actions. There's the admin
downing and upping stuff like bridges or bonds. There's stuff like libvirt
/ KVM / qemu creating and destroying interfaces. In
On Monday 12 January 2015 08:51:54 Eric Dumazet wrote:
On Mon, 2015-01-12 at 17:39 +0100, Patrick Schaaf wrote:
Not to comment on the ifalias thing, which I think is unneccessary,
too, but matching on interface names instead of only ifindex, is
definitely needed, so that one can
Signed-off-by: Richard Weinberger
---
include/linux/netfilter/x_tables.h | 22 ++
net/ipv4/netfilter/arp_tables.c| 28 +---
net/ipv4/netfilter/ip_tables.c | 15 +--
net/ipv6/netfilter/ip6_tables.c| 18 +++---
Signed-off-by: Richard Weinberger rich...@nod.at
---
include/linux/netfilter/x_tables.h | 22 ++
net/ipv4/netfilter/arp_tables.c| 28 +---
net/ipv4/netfilter/ip_tables.c | 15 +--
net/ipv6/netfilter/ip6_tables.c| 18
18 matches
Mail list logo
