[libvirt] [libvirt PATCHv6 1/1] add DHCP snooping
Stefan Berger
stefanb at us.ibm.com
Fri Mar 23 00:33:42 UTC 2012
David Stevens/Beaverton/IBM wrote on 03/22/2012 08:10:44 PM:
> From: David Stevens/Beaverton/IBM
> To: Stefan Berger/Watson/IBM
> Cc: Eric Blake <eblake at redhat.com>, libvir-list at redhat.com
> Date: 03/22/2012 08:10 PM
> Subject: Re: [libvirt] [libvirt PATCHv6 1/1] add DHCP snooping
>
> Stefan Berger/Watson/IBM wrote on 03/22/2012 05:00:45 PM:
>
> > Maybe we should go with the previous code from a while ago which was
> > setting a flag for the thread to die. It caused other work-arounds
> > to become necessary but at least we don't have to deal with possibly
> > async. deaths of threads holding locks.
>
> Yes, I have in mind a way to do this now that should keep the
> simplicity and still not use signals. I'll try this out and
> repost.
>
Ok.
An idea may be that the threat has to 'find' its snoop request in a global
list every time it processes a packet. Once it cannot find it anymore, it
dies. Removing the request from the global list would be the way to
terminate the threat. Also, it would have to hold a look to the snoop
request while it does anything else than waiting for packets in the pcap
library.
Stefan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20120322/6e8a6ca0/attachment-0001.htm>
More information about the libvir-list
mailing list