From: Eris Discordia <eris.discordia@gmail.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] Plan 9 on Routers?
Date: Wed, 25 Mar 2009 10:41:34 +0000 [thread overview]
Message-ID: <DAAF8F6516CF2CFF612A18DE@[192.168.1.2]> (raw)
In-Reply-To: <fd20e2c3f874746a40060d3fcff868ff@quanstro.net>
> as long as you restrict your network to plan 9 machines, it is possible
> to import /net from a gateway machine and avoid sticky things like packet
> filtering.
Back to the future yet? May I suggest that the "sticky" packet filtering,
more generally packet manipulation, has crucial applications in any
packet-switched network (like... "the Net") and a certain OS's current lack
of facilities, out of the box, to deal with the problem does not
automatically mean the problem should be thrown out. Of course, in an
essentially sheltered world not having an IDS is as good as having one but,
you see, that's the world of a certain OS. Other OSes have to live in the
wild.
P.S. This is a get-back from the NAT thread.
--On Tuesday, March 24, 2009 7:20 PM -0400 erik quanstrom
<quanstro@quanstro.net> wrote:
>> It seems that /net/iproute is where I can start. It has a complete
>> interface for editing routes. What we need is a user space script that
>> implements routing, like http://www.openbgp.org/ does on OpenBSD.
>> Except that, it will only have to send add, delete and flush control
>> messages to the iproute file.
>
> see ipconfig(8).
>
>> About Packet Classification. I read that iptables is not needed on
>> Plan 9 because its "mount /net over the network" concept achieved
>> anonymity or transparency -- something along those lines. "There are
>> no logs about who is sending what, and that is a good thing".
>
> that's not strictly true. as long as you restrict your network to
> plan 9 machines, it is possible to import /net from a gateway
> machine and avoid sticky things like packet filtering. there is
> also ipmux (discussed in ip(3)). i don't think ipmux has enough
> rewriting (or state) to implement something like nat.
>
> - erik
>
next prev parent reply other threads:[~2009-03-25 10:41 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-03-24 19:11 Rahul Murmuria
2009-03-24 19:35 ` [9fans] drawterm font Benjamin Huntsman
2009-03-24 19:52 ` erik quanstrom
2009-03-24 20:01 ` Russ Cox
2009-03-24 20:12 ` Benjamin Huntsman
2009-03-24 19:45 ` [9fans] Plan 9 on Routers? Devon H. O'Dell
2009-03-24 19:51 ` J.R. Mauro
2009-03-24 20:05 ` Rahul Murmuria
2009-03-24 20:33 ` J.R. Mauro
2009-03-24 21:35 ` Bakul Shah
2009-03-24 23:00 ` Rahul Murmuria
2009-03-24 23:20 ` erik quanstrom
2009-03-25 6:35 ` Rahul Murmuria
2009-03-25 10:41 ` Eris Discordia [this message]
2009-03-25 13:00 ` Devon H. O'Dell
2009-03-25 13:25 ` erik quanstrom
2009-03-25 13:31 ` Devon H. O'Dell
2009-03-25 15:47 ` Bakul Shah
2009-03-25 15:59 ` Devon H. O'Dell
2009-03-26 4:37 ` lucio
2009-03-26 13:26 ` Devon H. O'Dell
2009-03-24 19:58 ` erik quanstrom
2009-03-25 15:09 ` jetskean
2009-03-25 15:40 ` andrey mirtchovski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='DAAF8F6516CF2CFF612A18DE@[192.168.1.2]' \
--to=eris.discordia@gmail.com \
--cc=9fans@9fans.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).