* Claudio Jeker <cje...@diehard.n-r-g.com> [2011-05-19 13:20]: > On Thu, May 19, 2011 at 10:49:59AM +0100, Stuart Henderson wrote: > > On 2011/05/19 11:26, Claudio Jeker wrote: > > > There is a bigger problem with 'set skip on lo', it is only evaluated > > > during load. So if you create a lo1 afterwards the set skip will not > > > trigger. This is very annoying especially with qemu and tun interfaces. > > > > Right, I noticed this during testing, and this at least deserves a > > mention (independent of my other diff). > > > > Changing this behaviour could be a problem though, I think it would > > need to be checked before state lookup, and we don't want to walk the > > groups of all interfaces on the system for every packet. > > > > Since the PFI_IFLAG_SKIP is set on a kif it should be possible to > inherit the flag from a group when an interface is created. > This would have no impact on runtime execution time. > > I would really like to have set skip pick up interfaces at runtime because > I get constantly burned by it.
again, spot on. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
