Re: [libvirt] [PATCH 0/9] add DHCP snooping support to nwfilter

On 05/09/2011 02:00 PM, David L Stevens wrote:
> 	The following series of patches replaces IP address learning in
> network filtering with DHCP snooping. The existing address learning capability 
> does not provide security since it relies on addresses used in initial packets
> sent by the guest to determine an IP address. A spoofing guest can simply
> arrange to send packets using the target address early on.
> 	With DHCP snooping, only addresses acknowledged by a DHCP server can
> be used by the guest, and only for the given lease time if the address lease
> is not renewed.
> 	The patches also add support for multiple IP addresses per interface.

Can you configure your mailer to send related patches threaded to one
another (or at least all as a reply to the 0/9 cover-letter), rather
than starting an independent thread for each mail in the series?  'git
send-email' can do this.  Also, some of your mails came through twice;
for example:


which has the tendency to cause review confusion.

Eric Blake   eblake redhat com    +1-801-349-2682
