From mboxrd@z Thu Jan 1 00:00:00 1970 From: George Dunlap Subject: Re: [PATH] tools/hotplug/Linux: Add IPv6 support to vif-common filtering Date: Tue, 21 May 2013 13:26:42 +0100 Message-ID: <519B6802.6050909@eu.citrix.com> References: <1369066330.21246.17.camel@zakaz.uk.xensource.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; Format="flowed" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <1369066330.21246.17.camel@zakaz.uk.xensource.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Ian Campbell Cc: Sylvain Munaut , "xen-devel@lists.xen.org" List-Id: xen-devel@lists.xenproject.org On 05/20/2013 05:12 PM, Ian Campbell wrote: > On Mon, 2013-05-13 at 14:55 +0100, Sylvain Munaut wrote: >> The vif-common.sh hotplug script doesn't support ipv6 iptables >> filtering setup. The attached patch adds basic filtering capability so >> that if an IPv6 is specified, it's added to the 'authorized' source >> list. >> Basically the same behavior as for ipv4. >> >> I've been using this patch for some time on xen 4.1 and I've just >> forward ported it to xen master (it applied cleanly and didn't see any >> changes that would matter). > > Thanks, this looks plausible, at least as far as I am able to tell. Is > there anyone around who could review this from the ipv6/iptables PoV? > > WRT the release, we are now frozen for 4.3 and I'd be concerned about > introducing a subtle (or not so subtle) networking regression. George > what do you think? Yeah, I think given that no one has been clamoring for it, it would be better to wait until 4.4. -George