On Mon, Jun 24, 2019 at 04:20:59AM -0700, Jason Thorpe wrote:
>
> > On Jun 24, 2019, at 12:15 AM, Manuel Bouyer <bou...@antioche.eu.org> wrote:
> >
> > I'd like to see this in NetBSD. I'd also like packet filters to be able
> > to use the description instead of the name for interfaces. This would make
> > my life much easier for e.g. ipfilter in Xen dom0, where the domU's virtual
> > interfaces have unpredicatble names.
>
> I agree, we should be able to use the description as a means of looking up
> the interface. However, because descriptions can be arbitrary, you need to
> have some rules around them:
>
> 1- Duplicate descriptions are not allowed (should return EEXIST if an attempt
> is made to set a duplicate).
Sure
>
> 2- In order to prevent unpredictable behavior in the presence of name-"wm0"
> and description-"wm0" being associated with different interfaces, the
> hardware name should always take priority when looking up an interface.
I'd say that we should explicitely mention if we're looking up a name or
a description, to avoid confusion. For example if wm0 has descrition
"external if" we should be able to write in ipf:
block in on wm0 from any to any
or
block in on intf_desc "external if" from any to any
Same with netstat:
netstat -I wm0
netstat -D "external if"
and so on ...
--
Manuel Bouyer <bou...@antioche.eu.org>
NetBSD: 26 ans d'experience feront toujours la difference
--
