Hi all I am very happy with the comments and suggestions I got concerning my proposal for a new network configuration. Now I want to give a little summary about what is going to change in my proposed structure (I am also posting this to debian-admintool as I think it fits there also).
1. After Anthony told me about his new ifup and ifdown commands, I think I will build up on his code to implement my proposal. In my opinion it is better to have some partially incomplete, working code than a mostly complete proposal. I am also very happy that I was offered help by Inaky Perez Gonzalez. If there are more people working on this the chance of getting it running soon increases drastically. What I really want to do with this proposal is set up a killer application for configuring network stuff in Debian that is way ahead of other distribution's tools. This is the main cause why I tried to integrate all parts into one structure. I have no objections against splitting the information into different config files, but I would like them to be integrated. Are there any objections against using Anthony's code ? Is there any disadvantage of not writing that thing from scratch ? Anthony, is it possible to modularize your work so that different config file formats can be used ? There is still one problem with the current code that has to be solved. One of my main points was the usage of named networks. These named networks are used for the definition of routing and firewalling rules and I think that they make it a lot easier when someone deals with more than 3 interfaces. Anthony, how could the naming be implemented with your current file format ? 2. Schemes are a very good idea and they will definitely go into the system, even if the decision is to write it from scratch. 3. Another excellent idea of Anthony is the usage of .defn files. I want to use them too. 4. pcmcia, isdn and ppp will have to be supported better. I know about isdn and pcmcia but I do not have very much experience with ppp dial-out. There is an addition to my system that deals with ppp from Inakya that I like and I will try to integrate this. Now there is question to the maintainers of the pcmcia, isdn and ppp related packages: Would you like have the options integrated with the network interface configuration ? It does not have to be in the same file, I want to have a modular design for reading the information so that there could be multiple files, a single XML file or whatever (possibly the new debian configuration management system after a decision was made). I want to define and implement the structure and sematics behind this. Paul Slootman, the maintainer of isdnutils, said already that he wants to cooperate with this project. What do the others think ? 5. Brian Basset had the objection that the ipmasq package already did some of what I am trying to do with my proposal. Yesterday I looked at the rule files processed by ipmasq and I saw some features that I really like (mostly the secure way of activating the firewall rules) and that I will take and implement (that the good point with open source - you don't have to reinvent the wheel). But ipmasq is aimed at the experienced Unix user who knows how to read and interpret manual pages. Please correct me if I am wrong, but ipmasq only deals with activating already written ipchains (or ipfwadm) statements. This does not interfere with my activation tool that tries to write these for the user. I want to have an easy to learn but powerful "language" to write firewalling rules. These rules get translated into the correct ipchains statements. We could use my activation agent to write the rules and the ipmasq script to activate them. Is my assumption (without real knowledge ;-) ) about the purpose of impasq correct (I do not want do things that have already be done) ? 6. I know that there are at least two other packages for network interface configuration, but I lost my debian-devel archive due to a mail server crash. Please could everybody who is working on something like my proposal drop me a message on how it differs from mine. I really would like to create something powerful that can handle all features of the 2.2.x kernels. I am in no way fixed on my proposal, many things can change if there are better ways to do it. If we work together, we can create a powerful system. 7. I think the system should build on the tools to configure kernel 2.2.x behaviour (ip, ipchains, ipmasqadm) as they are much more powerful than the tools for older kernels (ifconfig, ipfwadm). When we use .defn files, we could write files for using both systems, but I want to conentrate on the newer tools. Are there any objections agains this ? 7. As I am no official maintainer yet (my application is pending as I read on this list), somebody would have to spnsor the uploads if the system is to go into the main distribution. This is no problem for me if somebody would do that (maybe to experimental at the early stages). best greets Rene
