Bug 322853 - network location aware startup scripts
Summary: network location aware startup scripts
Status: CONFIRMED
Alias: None
Product: Gentoo Hosted Projects
Classification: Unclassified
Component: OpenRC
Hardware: All Linux
Importance: High enhancement
Assignee: OpenRC Team
URL:
Whiteboard: openrc:oldnet
Keywords:
Depends on:
Blocks:
 
Reported: 2010-06-05 13:54 UTC by Łukasz Stelmach
Modified: 2013-04-25 23:08 UTC

See Also:
Package list:
Runtime testing required: ---


Description Łukasz Stelmach 2010-06-05 13:54:57 UTC
These are a few ideas that may make network startup scripts more usable on workstations and portables.

The scripts detect what network a machine is connected to and launch appropriate services (e.g. different firewall settings, but they may be network unrelated too). Basically there should be at least two networks (classes?):

* home - trusted
* public - terra incognita

One of the smart ways to detect the location that I came across recently is the gateway's MAC address. If the address is on a list, then it is a home network the machine is connected to; if not, it is a public one. It may be even more convenient to have many "known" locations, e.g. home, corpo, campus, etc.

Current "location" should be available somewhere in /var/{lib,run,lib/init.d}. 

To keep things simple the default route's gateway MAC should be considered. 

I think different runlevels might be used for location aware service launching. There must be, however, something that keeps track of network connections and kicks init(8) appropriately.

Another, maybe simpler, matter is Internet connection detection. Some services like ntp-client (with default settings) require not only a network connection but one that routes to the Internet.

Reproducible: Always

Steps to Reproduce:
Comment 1 Michael Weber (RETIRED) gentoo-dev 2010-06-07 04:16:18 UTC
Hello Lukasz,

this is a very good suggestion. I would take the (B)SSID into account, "eduroam" is provided by literally thousands of APs around the world (e.g. 1388 in metro area of Munich). 

Have you tried using the phase functions (I use preup() {if [ ${IFACE} == "lo" ];} and postdown()) in /etc/conf.d/net?

Afaik, Gentoo lacks the possibility to use id_str from /etc/wpa_supplicant/wpa_supplicant.conf. Debian runs ifup/ifdown with these values and you can hook actions according to the IFACE var. 

You can use a wpa_cli session to trace the event on the network.

The IP address can be taken into account too. Our local university network LRZ-MUNICH uses /21 parts of a 10/8 network on unencrypted AP and wall jacks to provide network via Cisco VPN and other parts to be masqueraded transparently.

Hm, a set of schemes, plus a set of triggers (mii-tool on eth + wpa_cli on wlan plus hibernation/suspend detection) to get changes would be cool.

I stay tuned for patches/actions!

   Michael
Comment 2 Łukasz Stelmach 2010-06-07 11:47:07 UTC
(In reply to comment #1)

> this is a very good suggestion. I would take the (B)SSID into account,
> "eduroam" is provided by literally thousands of APs around the world (e.g.
> 1388 in metro area of Munich). 

This may be an option but since it's not available on wired ethernet it must not be the only one. One should be able to choose or even mix these two methods as BSSID is quite easy to fake. Having to fake both BSSID and GW's MAC isn't that simple.

> Have you tried using the phase functions (I use preup() {if [ ${IFACE} == "lo"
> ];} and postdown()) in /etc/conf.d/net?

I'd rather use postup() but this is rather a detail. I 

> the IP address can be taken into account too. 

That's good too. So let's look at:

* host IP (certain network, rather than only a particular address, in the end
  there is always /32)
* network IP (IP addr "-" netmask, matching as above)
* GW MAC addr (might not be so convenient in large and "heavily managed"
  networks, but works fine at home)
* (B)SSID
* AP mac (geolocation ersatz)
* combination of the above
* anything else?

> Hm, a set of schemes, plus a set of triggers (mii-tool on eth + wpa_cli on 

I think hooking into postup() is best, because that's the moment you begin actually working on a particular network and all those triggers that launch net.IF start already exist.
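
The gateway-MAC-plus-SSID matching discussed in this thread, as an added example that is not part of the original comments and not OpenRC code. The `KNOWN_LOCATIONS` format, the function names and the sample `ip` output are assumptions constructed for illustration; any missing or mismatched attribute falls back to `public`.

```sh
#!/bin/sh
# Added example: classify the current network from captured `ip` output.
# Hypothetical list format: name, gateway MAC, SSID ("-" = wired / any SSID).
KNOWN_LOCATIONS='home 00:11:22:33:44:55 homenet
corpo 66:77:88:99:aa:bb -'

# Constructed sample output of `ip route show default` and `ip neigh show`.
SAMPLE_ROUTE='default via 192.168.1.1 dev wlan0 proto dhcp metric 600'
SAMPLE_NEIGH='192.168.1.77 dev wlan0 lladdr de:ad:be:ef:00:01 STALE
192.168.1.1 dev wlan0 lladdr 00:11:22:33:44:55 REACHABLE'

# Print the gateway IP of the first default route found in "$1".
default_gw() {
    printf '%s\n' "$1" | awk '$1 == "default" { for (i = 2; i < NF; i++) if ($i == "via") { print $(i+1); exit } }'
}

# Print the lowercased link-layer address of IP "$2" from neighbour table "$1".
gw_mac() {
    printf '%s\n' "$1" | awk -v ip="$2" '$1 == ip { for (i = 2; i < NF; i++) if ($i == "lladdr") { print tolower($(i+1)); exit } }'
}

# classify_location MAC [SSID]: print the first location whose every
# configured attribute matches, otherwise "public" (fail closed).
classify_location() {
    mac=$1
    ssid=${2:--}
    result=public
    while read -r name kmac kssid; do
        [ -n "$name" ] || continue
        [ "$kmac" = "$mac" ] || continue
        [ "$kssid" = "-" ] || [ "$kssid" = "$ssid" ] || continue
        result=$name
        break
    done <<EOF
$KNOWN_LOCATIONS
EOF
    printf '%s\n' "$result"
}

# net_location ROUTE_OUTPUT NEIGH_OUTPUT [SSID]: only the default route's
# gateway is considered; no gateway or no resolved MAC means "public".
net_location() {
    gw=$(default_gw "$1")
    [ -n "$gw" ] || { echo public; return; }
    mac=$(gw_mac "$2" "$gw")
    [ -n "$mac" ] || { echo public; return; }
    classify_location "$mac" "$3"
}

net_location "$SAMPLE_ROUTE" "$SAMPLE_NEIGH" homenet
```

On a live system the two sample variables would be replaced by the output of `ip route show default` and `ip neigh show`, for instance from a `postup()` hook as suggested in comment 2.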