Netdev Archive on lore.kernel.org
 help / color / Atom feed
From: Eric Dumazet <eric.dumazet@gmail.com>
To: Gilberto Bertin <gilberto.bertin@gmail.com>
Cc: netdev@vger.kernel.org, tom@herbertland.com, markzzzsmith@gmail.com
Subject: Re: [net-next RFC 0/4] SO_BINDTOPREFIX
Date: Tue, 29 Mar 2016 07:31:35 -0700
Message-ID: <1459261895.6473.176.camel@edumazet-glaptop3.roam.corp.google.com> (raw)
In-Reply-To: <1458699966-3752-1-git-send-email-gilberto.bertin@gmail.com>

On Wed, 2016-03-23 at 02:26 +0000, Gilberto Bertin wrote:
> Since the net-next window just opened, I'm resubmitting my RFC for the
> SO_BINDTOSUBNET patch, following Mark Smith's suggestion to rename the
> whole thing to a more clear SO_BINDTOPREFIX.

Please do not add such monolithic option.

BPF is absolutely the way to go here, as it allows for whatever user
specified tweaks, like a list of destination subnetwork, or/and a list
of source network, or the date/time of the day, or port knocking without
netfilter, or ... you name it.

Simply add an option to load a BPF filter on a socket, used to vary the
various compute_score() functions.

No hard coded knowledge in the kernel, but a generic interface.

      parent reply index

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-03-23  2:26 Gilberto Bertin
2016-03-23  2:26 ` [net-next RFC 1/4] bindtoprefix: infrastructure Gilberto Bertin
2016-03-23  2:26 ` [net-next RFC 2/4] bindtoprefix: TCP/IPv4 implementation Gilberto Bertin
2016-03-23  2:26 ` [net-next RFC 3/4] bindtoprefix: TCP/IPv6 implementation Gilberto Bertin
2016-03-23  2:26 ` [net-next RFC 4/4] bindtoprefix: UPD implementation Gilberto Bertin
2016-03-29 14:31 ` Eric Dumazet [this message]

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1459261895.6473.176.camel@edumazet-glaptop3.roam.corp.google.com \
    --to=eric.dumazet@gmail.com \
    --cc=gilberto.bertin@gmail.com \
    --cc=markzzzsmith@gmail.com \
    --cc=netdev@vger.kernel.org \
    --cc=tom@herbertland.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Netdev Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/netdev/0 netdev/git/0.git
	git clone --mirror https://lore.kernel.org/netdev/1 netdev/git/1.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 netdev netdev/ https://lore.kernel.org/netdev \
		netdev@vger.kernel.org
	public-inbox-index netdev

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.netdev


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git