[avahi] [PATCH] [RFC] Untested interface limitation patch
Ted Percival
ted at midg3t.net
Mon May 12 17:59:48 PDT 2008
Lennart Poettering wrote:
> On Mon, 12.05.08 01:45, Stefan de Konink (avahi at ml.kinkrsoftware.nl) wrote:
>> > > I'd prefer if we'd also get an interface blacklist at the same time
>> > > as a whitelist, but that wouldn't hinder me to merge your
>> > > patch. (i.e. "deny-interfaces" would be cool in addition to
>> > > "allow-interface").
>>
>> I'll do this too then. Since it is the same function. What would be the
>> resolve scenario? First deny then allow?
>
> For security reasons deny should have the last word.
I agree. I'd call them "allow-interfaces" and "deny-interfaces".
How about allowing wildcard matching of interface names, eg.
allow-interfaces=eth*
That might be easier for the people who want to enable or disable Avahi
on their tun/tap/lo/ppp interfaces.
More information about the avahi
mailing list