Hello, This is the 7th version of our interface group patches.
The interface group value can be used to manage different interfaces at the same time such as in netfilter/iptables. As earlier discussed, it can be used for advanced routing, tc command and so on [1]. An u_int32_t member was added to net devices indicating the interface group number of the device which can be get/set via netlink. The xt_ifgroup netfilter match is for checking this value with an optional mask. Changes: - The first patch of the previous version splitted into 2 separate patches. - The ip command now let values larger than 0xff be set, octal, decimal and hexadecimal values are valid and in the range of 0x00-0xff any name can be used (from /etc/iproute2/rt_ifgroup). - added sysfs support to read/write the ifgroup value Other patches are for userpace programs: * iptables * iproute2. Because kernel 2.6.24-rc1 introduced a new enum value, IFLA_NET_NS_PID, and it wasn't in the iproute2 code, the first patch simply adds this value. The second patch adds support of interface group. Usage: ip link set eth0 group 684 # set ip link set eth0 group 0 # unset iptables -A INPUT -m ifgroup --ifgroup-in 4/0xf -j ACCEPT iptables -A FORWARD -m ifgroup --ifgroup-in 4 ! --ifgroup-out 5 -j DROP Patches: [1/5] Remove unnecessary locks from rtnetlink (in do_setlink) [2/5] rtnetlink: send a single notification on device state changes [3/5] Interface group: core (netlink) part [4/5] Ifgroup read/write support in sysfs [5/5] Netfilter Interface group match [iptables]Interface group match [iproute2 1/2] Added IFLA_NET_NS_PID as in kernel v2.6.24-rc1 [iproute2 2/2] Interface group as new ip link option Rererences: [1] http://marc.info/?l=linux-netdev&m=119556459514598&w=2 -- Laszlo Attila Toth - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
