Closed sax closed 9 years ago
I wonder, is there any harm in allowing ip spoofing all the time? Seems like any risk here would be mitigated simply by being a Vagrant environment.
I think the first order of business should be to give SmartOS users what Linux users would have. And I don’t think a default Linux install will prevent IP spoofing.
Adding controls for that could happen later?
On Oct 6, 2014, at 6:05 PM, Tyler Flint notifications@github.com wrote:
I wonder, is there any harm in allowing ip spoofing all the time? Seems like any risk here would be mitigated simply by being a Vagrant environment.
— Reply to this email directly or view it on GitHub https://github.com/vagrant-smartos/vagrant-smartos-zones/issues/3#issuecomment-58040695.
Sounds good. It's a simple change to the zone creation json. Someone want to make/merge a pull request? I'll be back near a computer this evening and can do so otherwise.
I don’t have a chance to get this today. If you haven’t by tomorrow I can get it then.
Thanks
On Oct 6, 2014, at 2:13 PM, Eric Saxby notifications@github.com wrote:
Sounds good. It's a simple change to the zone creation json. Someone want to make/merge a pull request? I'll be back near a computer this evening and can do so otherwise.
Sent from my iPhone
On Oct 6, 2014, at 10:07 AM, Blake Irvin notifications@github.com wrote:
I think the first order of business should be to give SmartOS users what Linux users would have. And I don’t think a default Linux install will prevent IP spoofing.
Adding controls for that could happen later?
On Oct 6, 2014, at 6:05 PM, Tyler Flint notifications@github.com wrote:
I wonder, is there any harm in allowing ip spoofing all the time? Seems like any risk here would be mitigated simply by being a Vagrant environment.
— Reply to this email directly or view it on GitHub < https://github.com/vagrant-smartos/vagrant-smartos-zones/issues/3#issuecomment-58040695>.
— Reply to this email directly or view it on GitHub https://github.com/vagrant-smartos/vagrant-smartos-zones/issues/3#issuecomment-58040972 . — Reply to this email directly or view it on GitHub.
I'm pushing this on the zonegate branch for now, as it's so far ahead of master. Hopefully will be able to merge in the branch this week.
You should be able to specify in a Vagrantfile that a zone allows ip spoofing. This would add a field to the json passed to
vmadm
when the zone is created.