CVSROOT: /cvs
Module name: src
Changes by: m...@cvs.openbsd.org 2018/02/08 06:15:32
Modified files:
sys/net : if_bridge.c if_bridge.h
sys/sys : sockio.h
sbin/ifconfig : brconfig.c brconfig.h ifconfig.8 ifconfig.c
Log message:
Add a new '-protected' option for bridge members.
Bridge members that are part of the same protected domain, refered by
a number between 1 and 31, cannot talk to each others. This is useful
to isolate VMs or untrusted networks at layer 2.
Members can be part of multiple protected domain making it possible to
create complex protected setups.
ok ccardenas@, claudio@, dlg@, henning@
