From owner-freebsd-net@FreeBSD.ORG  Mon Sep 27 15:55:45 2010
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B5B1B1065697
	for <freebsd-net@freebsd.org>; Mon, 27 Sep 2010 15:55:45 +0000 (UTC)
	(envelope-from lists@jnielsen.net)
Received: from ns1temp.jnielsen.net (ns1temp.jnielsen.net [69.55.230.42])
	by mx1.freebsd.org (Postfix) with ESMTP id 99AD58FC0A
	for <freebsd-net@freebsd.org>; Mon, 27 Sep 2010 15:55:45 +0000 (UTC)
Received: from jnielsen.socialserve.com ([12.53.251.10]) (authenticated bits=0)
	by ns1temp.jnielsen.net (8.14.3/8.14.3) with ESMTP id o8RFth8u093392
	(version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT);
	Mon, 27 Sep 2010 11:55:45 -0400 (EDT)
	(envelope-from lists@jnielsen.net)
Mime-Version: 1.0 (Apple Message framework v1081)
Content-Type: text/plain; charset=us-ascii
From: John Nielsen <lists@jnielsen.net>
In-Reply-To: <AANLkTi=GozyQv+xuXS7xT6Kzaa7XaFxAOrihKdKdnCge@mail.gmail.com>
Date: Mon, 27 Sep 2010 11:55:38 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <0A10F8F0-5BAB-4782-87CF-91E7661D805E@jnielsen.net>
References: <AANLkTi=GozyQv+xuXS7xT6Kzaa7XaFxAOrihKdKdnCge@mail.gmail.com>
To: Paul Joe <apauljoe@gmail.com>
X-Mailer: Apple Mail (2.1081)
X-DCC-x.dcc-servers-Metrics: ns1temp.jnielsen.net; whitelist
X-Virus-Scanned: clamav-milter 0.96.3 at ns1temp.jnielsen.net
X-Virus-Status: Clean
Cc: freebsd-net@freebsd.org
Subject: Re: Extending dummynet/ipfw
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Sep 2010 15:55:45 -0000

On Sep 27, 2010, at 11:20 AM, Paul Joe wrote:

> I have attached a patch which allows to do flow classifications in =
userland
> (e.g based on url categories, LDAP users)
> and do bandwidth control in kernel(dummynet).
>=20
> The patch has
>=20
> a) a setsocketopt, to associate a pipe to the socket.
>=20
> b) an ipfw option(sockarg) to redirect flows to corresponding pipe.
>=20
> Moreover, a member uint32_t is added to struct socket to hold the pipe =
info.
>=20
> I guess this structure is not part of kernel userland ABI.
>=20
> Please let me know your comments, which I would be glad to incorporate

This is something I have wished for in the past so I'm glad to see it. =
I'd love to test it but I'm not sure what to do, especially on the =
userland side. Could you post a simple ipfw ruleset that uses your patch =
along with directions or a simple example program for doing the userland =
classification?

Thanks!

JN