On Tue, 29 Jan 2013 13:58:30 -0500, Bill Nottingham wrote: > Tomasz Torcz (to...@pipebreaker.pl) said: >> If I understand right, there is not guarantee >> "em1" would become "eno1" in 100% of cases. Iptables saved config >> would still need to be checked and verified. > > It won't, but having it be the same in the case where it *does* have the > same idea as biosdevname of 'first embedded interface', it could be > useful to have the same name.
One way to handle this: when firewall rules are saved through firewalld (or iptables-services), it should also ask NetworkManager to save the network device names involved by their MAC addresses. Except when it knows a MAC address wouldn't be stable (e.g. tun/tap device with a kernel generated MAC address) or when running in a VM. The kernel could help in identifying devices would unstable MAC addresses. Just a documented and supported way to avoid reconfiguring the firewall on Fedora upgrade when network device name policy could potentially change would also help. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
