cvs commit: src/sbin/ifconfig ifbridge.c ifconfig.8 src/sys/net
if_bridge.c if_bridgevar.h
Andrea Campi
andrea+freebsd_cvs_all at webcom.it
Thu Nov 9 13:19:34 UTC 2006
On Thu, Nov 09, 2006 at 06:32:39AM +0000, Andrew Thompson wrote:
> thompsa 2006-11-09 06:32:39 UTC
>
> FreeBSD src repository
>
> Modified files:
> sbin/ifconfig ifbridge.c ifconfig.8
> sys/net if_bridge.c if_bridgevar.h
> Log:
> Add a new address cache type called sticky. On an interface marked sticky any
> address learned by the bridge is made permanent, the address will not age out
> and most importantly will not migrate to another interface.
>
> This can be used to stop mac address poisoning or clients roaming in much the
> same way as static entries without the hassle of preloading the table.
Way cool! An additional feature would be refusing to learn any other
address on an interface that has already learned an address. We used
to run our Cisco 5500s like that at ${PREVIOUSJOB}, so that people
couldn't (easily) disconnect their desktop and connect unauthorized
machines.
Bye,
Andrea
--
If it's there, and you can see it, it's real. If it's not there, and you can see it, it's virtual. If it's there, and you can't see it, it's transparent. If it's not there, and you can't see it, you erased it.
More information about the cvs-src
mailing list