mirror of
https://github.com/Rudd-O/qubes-network-server.git
synced 2025-03-01 14:22:35 +01:00
28 lines
1.2 KiB
Plaintext
28 lines
1.2 KiB
Plaintext
To do list:
|
|
|
|
* Make the system do the right thing (withdraw ip neigh /
|
|
ip route / iptables rules) when VMs power off or when
|
|
their network gets detached.
|
|
Right now the rules are only reconfigured when:
|
|
* a VM starts (ancestor VMs get reconfigured)
|
|
* a VM gets unpaused (same as before)
|
|
* a VM network gets attached (same as before)
|
|
* a VM's FW rules get altered (parent ProxyVM and sibling
|
|
VMs get reconfigured, and this reconfiguration only
|
|
affects iptables rules)
|
|
* Make the system do the right thing when `static_ip`
|
|
is changed / enabled / disabled, without requiring a
|
|
VM restart.
|
|
* Key point (but not only point): appvm fwrules that
|
|
were setup need to be un-setup, which means that
|
|
our current algorithm "look at VMs with static_ip"
|
|
will not work to un-setup those fwrules.
|
|
* Define very clearly when fw state is modified
|
|
for appvm, as that requires execution of code
|
|
in the appvm, and tracking how and when to
|
|
undo that state transition.
|
|
* Evaluate network access permissions when appvm
|
|
is attached to netvm, vs attached to proxyvm to netvm,
|
|
vs attached to proxyvm to proxyvm to netvm.
|
|
* Prolly need to write some important automated tests.
|