As @bmike said, Internet Sharing hides a lot of complexity behind a very simple interface, and some of your questions can't be answered authoritatively without interviewing some of the Apple engineers behind it. But that won't stop me from taking a stab at it...
1) AirPort is different from the other interface types because in order to share over AirPort, your Mac has to actually create the wireless network (as opposed to just providing service over an existing ethernet, FireWire, etc connection). This means that InternetSharing needs to have a bunch of info about how to create the wireless network: network name (SSID), channel, security, etc.
2) Resharing over the same ethernet interface is useful under some circumstances. For example, on my home network my ISP provides limited number of static IP addresses for my use. I run a Mac doing the equivalent of Internet Sharing (actually, I set up the daemons manually as @Spiff recommended) to reshare over the same ethernet. Result: if I put a computer on my home ethernet and config it via DHCP, I get a private (behind-the-firewall) IP address from my virtually unlimited internal pool. If I manually config the computer with one of the public IPs, I get full unfitered internet access, but use up one of my limited public IP pool. Because they're both on the same network, "moving" a computer behind or in front of the firewall is just a simple configuration switch.
On the other hand, if you did this same trick on an ethernet network that already had a DHCP server, computers attaching to the network would randomly get configuration from one server or the other, leading to unpredictability, confusion, and hair-pulling. It's definitely a use-only-if-you-know-what-you're-doing feature. Fortunately, Internet Sharing is smart: if it detects another DHCP server on "its" private network, it shuts itself off to avoid trouble.
3) I don't know of a way to change the private IP range on an IS-created wireless network. On the other hand, it shouldn't really matter, since the network is being created by Internet Sharing, and therefore it doesn't have to worry about conflicts with any existing network numbering.
4) You can add interfaces with Apple's USB Ethernet Adapter. Get some USB hubs, and pile them on!
There is only one set of network interfaces on any Mac. But they have two different interfaces to manage them with different level of functions:
- a CLI (Command Line Interface),
- a GUI (Graphical User Interface).
Moreover, all the network interfaces are named differently through the 2 managment interfaces. Ex.: en0 / CLI = Ethernet / GUI
The GUI is for all users, from beginners to advanced GUI users. The GUI achieve a correct locking mechanism when you use different interfaces or other System Preferences which have to interact with any netwok interface
(for ex.: Internet Sharing).
This is an interface with a simplified set of "clickdrome windows". This GUI doesn't give you access to all the interfaces functions.
This GUI maintains its own database (a set of plist files).
This GUI doesn't manage correctly every change you can do at the CLI level.
The CLI will make direct use of system calls provided by the underlying operating system (which is a Unix) but won't make any update to the GUI database.
On the other hand, the CLI is for network engineers or system admins who are at ease with pfctl, ifconfig, netstat, traceroute….
My personnal experience is: be cautious when you use CLI that can modify details which are not visible within the GUI but are maintained within the GUI database.
Best Answer
Those are Tunnel-Interfaces. They are commonly used to provide IPv6- or VPN-Services. They are usually always active, but not connected unless you set up your system to use them.
You can determine if an interface is enabled but not active by observing its flags using
ifconfig <interfacename>to not contain UP.You can look up the definition for those interfaces on the terminal with
man giforman stf, respectively.